decompiling DEX into Java sourcecode

Question

How can one decompile Android DEX  VM bytecode  files into corresponding Java sourcecode

User · Accepted Answer

It s easy Get these tools   dex2jar to translate dex files to jar files  jd-gui to view the java files in the jar   The source code is quite readable as dex2jar makes some optimizations  Procedure  And here s the procedure on how to decompile  Step 1  Convert classes dex in test apk-debug apk to test apk-debug dex2jar jar d2j-dex2jar sh -f -o output jar jar apk to decompile apk d2j-dex2jar sh -f -o output jar jar dex to decompile dex   Note 1  In the Windows machines all the  sh scripts are replaced by  bat scripts   Note 2  On linux mac don t forget about sh or bash  The full command should be   sh d2j-dex2jar sh -f -o output jar jar apk to decompile apk    Note 3  Also  remember to add execute permission to dex2jar-X X directory e g  sudo chmod -R  x dex2jar-2 0  dex2jar documentation Step 2  Open the jar in JD-GUI

User · Answer

Sometimes you get broken code  when using dex2jar apktool  most notably in loops  To avoid this  use jadx  which decompiles dalvik bytecode into java source code  without creating a  jar  class file first as dex2jar does  apktool uses dex2jar I think   It is also open-source and in active development  It even has a GUI  for GUI-fanatics  Try it

User · Answer

With Dedexer  you can disassemble the  dex file into dalvik bytecode   ddx    Decompiling towards Java isn t possible as far as I know  You can read about dalvik bytecode here

User · Answer

Easiest method to decompile an android app is to download an app named ShowJava from playstore   Just select the application that needs to be decompiled from the list of applications  There are three different decompiler you can use to decompile an app namely -      CFR 0 110  JaDX 0 6 1 or FernFlower  analytical decompiler

User · Answer

Since no one mentioned this  there s one more tool  DED homepage  Install how-to and some explanations  Installation    It was used in a quite interesting study of the security of top market apps not really related  just if you re curious   A Survey of Android Application Security

User · Answer

To clarify somewhat  there are two major paths you might take here depending on what you want to accomplish   Decompile the Dalvik bytecode  dex  into readable Java source  You can do this easily with dex2jar and jd-gui  as fred mentions  The resulting source is useful to read and understand the functionality of an app  but will likely not produce 100  usable code  In other words  you can read the source  but you can t really modify and repackage it  Note that if the source has been obfuscated with proguard  the resulting source code will be substantially more difficult to untangle   The other major alternative is to disassemble the bytecode to smali  an assembly language designed for precisely this purpose  I ve found that the easiest way to do this is with apktool  Once you ve got apktool installed  you can just point it at an apk file  and you ll get back a smali file for each class contained in the application  You can read and modify the smali or even replace classes entirely by generating smali from new Java source  to do this  you could compile your  java source to  class files with javac  then convert your  class files to  dex files with Android s dx compiler  and then use baksmali  smali disassembler  to convert the  dex to  smali files  as described in this question  There might be a shortcut here   Once you re done  you can easily package the apk back up with apktool again  Note that apktool does not sign the resulting apk  so you ll need to take care of that just like any other Android application   If you go the smali route  you might want to try APK Studio  an IDE that automates some of the above steps to assist you with decompiling and recompiling an apk and installing it on a device   In short  your choices are pretty much either to decompile into Java  which is more readable but likely irreversible  or to disassemble to smali  which is harder to read but much more flexible to make changes and repackage a modified app  Which approach you choose would depend on what you re looking to achieve    Lastly  the suggestion of dare is also of note  It s a retargeting tool to convert  dex and  apk files to java  class files  so that they can be analyzed using typical java static analysis tools

User · Answer

A lot has changed since most of these answers were posted  Now-a-days there a are many easy tools with GUI s  like these    APK Easy Tool for Windows  GUI tool  friendly  Bytecode Viewer - APK Java Reverse Engineering Suite URET Android Reverser Toolkit   Best place to find them is on the XDA Developers forum

User · Answer

If you re not looking to download dex2jar  then just use the apk grabber python script to decompile any apk into jar files   Then you read them with jd-gui

User · Answer

Once you downloaded your APK file   You need to do the following steps to get a editable java code document    Convert your apk file to zip  while start your download don t go with  save  option   just go with  save as  and mention your extension as  zip  by doing like this you may avoid APKTOOL    Extract the zip file   there you can find somefilename dex  so now we need to convert dex -   class To do that  you need  dex2jar  you can download it from http   code google com p dex2jar    after extracted  in command prompt you have to mention like   D  dex2jar-0 09 dex2jar somefilename dex   Keep in mind that your somefilename dex must be inside the same folder where you have keep your dex2jar   Download jad from http   www viralpatel net blogs download jad jad zip and extract it  Once extracted you can see two files like  jad exe  and  Readme txt   sometimes  jad txt  may there instead of  jad exe   so just rename its extension as exe to run  Finally  in command prompt you have to mention like  D  jad jad -sjava yourfilename class  it will parse your class file into editable java document

User · Answer

A more complete version of fred s answer   Manual way  First you need a tool to extract all the  compiled  classes on the DEX to a JAR  There s one called dex2jar  which is made by a chinese student   Then  you can use jd-gui to decompile the classes on the JAR to source code  The resulting source should be quite readable  as dex2jar applies some optimizations   Automatic way  You can use APKTool  It will automatically extract all the classes   dex   resources   asrc   then it will convert binary XML to human-readable XML  and it will also  dissassemble the classes for you  Disassembly will always be more robust than decompiling  especially with JARs obfuscated with Pro Guard   Just tell APKTool to decode the APK into a directory  then modify what you want  and finally encode it back to an APK  That s all   Important  APKTool dissassembles  It doesn t decompile  The generated code won t be Java source  But you should be able to read it  and even edit it if you re familiar with jasmin  If you want Java source  please go over the Manual way

User · Answer

I have used   dex2jar   jd-gui javadecompilers com enjarify Apktool   But none beats google s own tools  1 Android Studio 2 x  build  analyze apk   2 Android Studio 3 0  Profile or Debug APK

User · Answer

You might try JADX  https   bitbucket org mstrobel procyon wiki Java 20Decompiler   this is a perfect tool for DEX decompilation   And yes  it is also available online on  my  0   new site  http   www javadecompilers com apk

User · Answer

Android Reverse Engineering is possible     Follow these steps to get  java file from apk file   Step1   Using dex2jar   Generate  jar file from  apk file command   dex2jar sampleApp apk   Step2   Decompiling  jar using JD-GUI   it decompiles the  class files i e   we ll get obfuscated  java back from the apk

User · Answer

Recent Debian have Python package androguard   Description-en  full Python tool to play with Android files  Androguard is a full Python tool to play with Android files      DEX  ODEX     APK     Android s binary xml     Android resources     Disassemble DEX ODEX bytecodes     Decompiler for DEX ODEX files   Install corresponding packages   sudo apt-get install androguard python-networkx   Decompile DEX file     androdd -i classes dex -o   dir-for-output   Extract classes dex from Apk   Decompile     androdd -i app apk -o   dir-for-output   Apk file is nothing more that Java archive  JAR   you may extract files from archive via     unzip app apk -d   dir-for-output

User · Answer

I d actually recommend going here  https   github com JesusFreke smali  It provides BAKSMALI  which is a most excellent reverse-engineering tool for DEX files  It s made by JesusFreke  the guy who created the fameous ROMs for Android

User · Answer

Since Dheeraj Bhaskar s answer is relatively old as many years past   Here is my latest  2019 year  answer   Main Logic  from dex to java sourcecode  currently has two kind of solution    One Step  directly convert dex to java sourcecode Two Step  first convert dex to jar  second convert jar to java sourcecode     One step solution  dex directly to java sourcecode  Tools   jadx   Process   download jadx-0 9 0 zip  unzip it  in bin folder can see command line jadx or GUI version jadx-gui  double click to run GUI version  jadx-gui      open dex file     then can show java source code      File -  save as gradle project     then got java sourcecode       Two Step solution  Step1  dex to jar  Tools   dex2jar   Process  download dex2jar zip  unzip got d2j-dex2jar sh  then    apk to jar  sh d2j-dex2jar sh -f   path to apk to decompile apk dex to jar  sh d2j-dex2jar sh -f   path to dex to decompile dex   example      v3 4 8  Users crifan dev dev tool android reverse engineering dex-tools dex-tools-2 1-SNAPSHOT d2j-dex2jar sh -f com huili readingclub8825612 dex dex2jar com huili readingclub8825612 dex - gt    com huili readingclub8825612-dex2jar jar    v3 4 8 ll -rw-------  1 crifan  staff   9 5M  3 21 10 00 com huili readingclub8825612-dex2jar jar -rw-------  1 crifan  staff   8 4M  3 19 14 04 com huili readingclub8825612 dex   Step2  jar to java sourcecode  Tools   jd-gui  most popular  but many code will decompile error CRF  popular  minor code will decompile error Procyon  popular  no code decompile error   GUI tool based on Procyon   Luyten   Bytecode Viewer   others   Krakatau Fernflower old one  AndroChef etc     Process  here demo Procyon convert jar to java source code   download procyon-decompiler-0 5 34 jar  then using syntax    java -jar  path to procyon-decompiler-0 5 34 jar -jar your to decompile jar -o outputFolderName  example   java -jar   Users crifan dev dev tool android reverse engineering Procyon procyon-decompiler-0 5 34 jar -jar com huili readingclub8825612-dex2jar jar -o com huili readingclub8825612  using editor VSCode to open exported source code  look like this     Conclusion  Conversion correctness   Jadx   Procyon   CRF   JD-GUI  Recommend use   One step solution s  Jadx    for more detailed explanation  please refer my online Chinese ebook

User · Answer

This can be done in following five steps   This gem does these things for you automatically even the installation of required tools   convert apk file to zip unzip the file extract classes dex from it use dex to jar to convert classes dex into jar file use jadx gui to open the jar file as java source code

[java] decompiling DEX into Java sourcecode

It's easy

Procedure:

Step 1:

Step 2:

Examples related to java

Examples related to android

Examples related to reverse-engineering

Examples related to decompiler

Examples related to dex