Is there a way to get the source code from an APK file?

前端 未结 27 1842
难免孤独
难免孤独 2020-11-21 06:56

The hard drive on my laptop just crashed and I lost all the source code for an app that I have been working on for the past two months. All I have is the APK file that is st

相关标签:
27条回答
  • 2020-11-21 07:58

    There are lots of applications and methods in the market to decompile the apk file into java class but if the app is compiled with ProGuard rule then you are in a big trouble because this rule will shrink all the dex files into a small character name and then you can not trace back the implementation. see https://developer.android.com/studio/build/shrink-code for mode clarification.

    Happy Coding...

    0 讨论(0)
  • based on your condition, if your android apk:

    Condition1: NOT harden (by Tencent Legu/Qihoo 360/...)

    Choice1: using online service

    such as:

    using www.javadecompilers.com

    goto:

    • http://www.javadecompilers.com/apk
      • Note: internally using Jadx

    to auto decode from apk to java sourcecode

    steps:

    upload apk file + click Run + wait some time + click Download to get zip + unzip ->

    sources/com/{yourCompanyName}/{yourProjectName}

    is your expected java source code

    Choice2: decompile/crack by yourself

    use related tool to decompile/crack by yourself:

    use jadx/jadx-gui convert apk to java sourcecode

    download jadx-0.9.0.zip then unzip to got bin/jadx, then:

    • command line mode:
      • in terminal run: jadx-0.9.0/bin/jadx -o output_folder /path_to_your_apk/your_apk_file.apk
      • output_folder will show decoded sources and resources
        • sources/com/{yourCompanyName}/{yourProjectName} is your expected java sourcecode
    • GUI mode
      • double click to run jadx-0.9.0/bin/jadx-gui (Linux's jadx-gui.sh / Windows's jadx-gui.bat)
      • open apk file
      • it will auto decoding -> see your expected java sourcecode
      • save all or save as Gradle project

    eg:

    Condition2: harden (by Tencent Legu/Qihoo 360/...)

    the main method of 3 steps:

    1. apk/app to dex
    2. dex to jar
    3. jar to java src

    detailed explanation:

    Step1: apk/app to dex

    use tool (FDex2/DumpDex) dump/hook out (one or multiple) dex file from running app

    steps:

    prepare environment

    • a rooted android
      • real phone
      • or emulator
        • here using Chinese Nox App Player夜神安卓模拟器
    • install your android apk
      • to the phone or emulator
    • installed Xposed Installer
    • install FDex2/DumpDex into XPosed and enable it
      • Note: need restart Xposed to make FDex2 work
      • FDex2 download address, Chinese:
        • 脱壳工具 FDex2-CSDN下载
        • 链接: https://pan.baidu.com/s/1lTF8CN96bxWpFwv7J174lg 提取码: 3e3t
    • install your android apk to phone/emulator

    dump out dex from running app

    • run FDex2 then click your apk name to enable later to capture/hook out dex

    • (in phone/emulator) run your app
    • find and copy out the dump out whole apk resources in /data/data/com/yourCompanyName/yourProjectName
      • in its root folder normally will find several dex file

    Step2: dex to jar

    use tool (dex2jar) convert (the specific, containing app logic) dex file to jar file

    download dex2jar got dex-tools-2.1-SNAPSHOT.zip, unzip got dex-tools-2.1-SNAPSHOT/d2j-dex2jar.sh, then

    sh dex-tools-2.1-SNAPSHOT/d2j-dex2jar.sh -f your_dex_name.dex

    eg:

    dex-tools-2.1-SNAPSHOT/d2j-dex2jar.sh -f com.xxx.yyy8825612.dex
    dex2jar com.xxx.yyy8825612.dex -> ./com.xxx.yyy8825612-dex2jar.jar
    

    Step3: jar to java src

    use one of tools:

    • Jadx
    • Procyon
      • GUI tool based on procyon:
        • Luyten
        • Bytecode Viewer
    • CRF
    • JD-GUI
    • some others:
      • Krakatau
      • Fernflower
      • Cavaj

    convert jar to java src

    for from jar to java src converting effect:

    Jadx > Procyon > CRF >> JD-GUI

    so recommend use: Jadx/jadx-gui

    steps:

    • double click to run jadx-gui
    • open dex file
    • File -> save all

    eg:

    exported java src:


    More detailed explanation can see my online ebook Chinese tutorial:

    • 安卓应用的安全和破解
      • tutorial's source code on github: crifan/android_app_security_crack: 安卓应用的安全和破解
    0 讨论(0)
  • 2020-11-21 08:03

    apktool will work. You don't even need to know the keystore to extract the source code (which is a bit scary). The main downside is that the source is presented in Smali format instead of Java. Other files such as the icon and main.xml come through perfectly fine though and it may be worth your time to at least recover those. Ultimately, you will most likely need to re-write your Java code from scratch.

    You can find apktool here. Simply just download apktool and the appropriate helper (for Windows, Linux, or Mac OS). I recommend using a tool such as 7-zip to unpack them.

    0 讨论(0)
提交回复
热议问题