How can one decompile Android DEX (VM bytecode) files into corresponding Java sourcecode?
With Dedexer, you can disassemble the .dex
file into dalvik bytecode (.ddx
).
Decompiling towards Java isn't possible as far as I know.
You can read about dalvik bytecode here.
This can be done in following five steps:
This gem does these things for you automatically even the installation of required tools
Sometimes you get broken code, when using dex2jar
/apktool
, most notably in loops. To avoid this, use jadx, which decompiles dalvik bytecode into java source code, without creating a .jar
/.class
file first as dex2jar
does (apktool uses dex2jar I think). It is also open-source and in active development. It even has a GUI, for GUI-fanatics. Try it!
Recent Debian have Python package androguard
:
Description-en: full Python tool to play with Android files
Androguard is a full Python tool to play with Android files.
* DEX, ODEX
* APK
* Android's binary xml
* Android resources
* Disassemble DEX/ODEX bytecodes
* Decompiler for DEX/ODEX files
Install corresponding packages:
sudo apt-get install androguard python-networkx
Decompile DEX file:
$ androdd -i classes.dex -o ./dir-for-output
Extract classes.dex
from Apk + Decompile:
$ androdd -i app.apk -o ./dir-for-output
Apk file is nothing more that Java archive (JAR), you may extract files from archive via:
$ unzip app.apk -d ./dir-for-output
Get these tools:
dex2jar to translate dex files to jar files
jd-gui to view the java files in the jar
The source code is quite readable as dex2jar makes some optimizations.
And here's the procedure on how to decompile:
Convert classes.dex in test_apk-debug.apk to test_apk-debug_dex2jar.jar
d2j-dex2jar.sh -f -o output_jar.jar apk_to_decompile.apk
d2j-dex2jar.sh -f -o output_jar.jar dex_to_decompile.dex
Note 1: In the Windows machines all the
.sh
scripts are replaced by.bat
scripts
Note 2: On linux/mac don't forget about
sh
orbash
. The full command should be:
sh d2j-dex2jar.sh -f -o output_jar.jar apk_to_decompile.apk
Note 3: Also, remember to add execute permission to
dex2jar-X.X
directory e.g.sudo chmod -R +x dex2jar-2.0
dex2jar documentation
Open the jar in JD-GUI
Since Dheeraj Bhaskar
's answer is relatively old as many years past.
Here is my latest (2019 year) answer:
from dex
to java sourcecode
, currently has two kind of solution:
One Step
: directly convert dex
to java sourcecode
Two Step
: first convert dex
to jar
, second convert jar
to java sourcecode
dex
directly to java sourcecode
bin
folder can see command line jadx
or GUI version jadx-gui
, double click to run GUI version: jadx-gui
dex
filethen can show java source code:
File
-> save as gradle project
then got java sourcecode:
dex
to jar
download dex2jar zip, unzip got d2j-dex2jar.sh
, then:
apk
to jar
: sh d2j-dex2jar.sh -f ~/path/to/apk_to_decompile.apk
dex
to jar
: sh d2j-dex2jar.sh -f ~/path/to/dex_to_decompile.dex
example:
➜ v3.4.8 /Users/crifan/dev/dev_tool/android/reverse_engineering/dex-tools/dex-tools-2.1-SNAPSHOT/d2j-dex2jar.sh -f com.huili.readingclub8825612.dex
dex2jar com.huili.readingclub8825612.dex -> ./com.huili.readingclub8825612-dex2jar.jar
➜ v3.4.8 ll
-rw------- 1 crifan staff 9.5M 3 21 10:00 com.huili.readingclub8825612-dex2jar.jar
-rw------- 1 crifan staff 8.4M 3 19 14:04 com.huili.readingclub8825612.dex
jar
to java sourcecode
many
code will decompile errorminor
code will decompile errorno
code decompile error
Procyon
here demo Procyon
convert jar to java source code:
download procyon-decompiler-0.5.34.jar
then using syntax:
java -jar /path/to/procyon-decompiler-0.5.34.jar -jar your_to_decompile.jar -o outputFolderName
example:
java -jar /Users/crifan/dev/dev_tool/android/reverse_engineering/Procyon/procyon-decompiler-0.5.34.jar -jar com.huili.readingclub8825612-dex2jar.jar -o com.huili.readingclub8825612
using editor VSCode to open exported source code, look like this:
Conversion correctness : Jadx
> Procyon
> CRF
> JD-GUI
Recommend use: (One step solution's) Jadx
for more detailed explanation, please refer my online Chinese ebook: 安卓应用的安全和破解