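The mainstream disassemblers for DEX executables today are BakSmali and Dedexer.
(Note: if you do not want to configure paths, just put the .jar files and Hello.java in the same directory.)
The test code is Hello.java.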
java -jar baksmali.jar -o baksmaliout Hello.dex
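After the command completes successfully, a Hello.smali file is generated in the baksmaliout directory. Open it in a text editor; the code of the foo() function is as follows: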
# virtual methods
.method public foo(II)I
.registers 5
.prologue
.line 3
add-int v0, p1, p2
sub-int v1, p1, p2
mul-int/2addr v0, v1
return v0
.end method
java -jar ddx.jar -d ddxout Hello.dex
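After the command completes successfully, a Hello.smali file is generated in the ddxout directory. Open it in a text editor; the code of the foo() function is as follows: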
.method public foo(II)I
.limit registers 5
; this: v2 (LHello;)
; parameter[0] : v3 (I)
; parameter[1] : v4 (I)
.line 3
add-int v0,v3,v4
sub-int v1,v3,v4
mul-int/2addr v0,v1
return v0
.end method
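The two listings differ only in register naming: baksmali writes parameters as p<n>, while Dedexer numbers them as the last v<n> registers of the frame (this is v2 and the parameters are v3 and v4 when the frame has 5 registers). The Python sketch below is an added example, not code from either tool; it maps baksmali's p<n> names to v<n> using the method descriptor and the .registers or .locals directive. The function names and the embedded sample are constructed for illustration.

```python
import re

# Constructed sample: the baksmali listing of foo() from this page.
BAKSMALI_FOO = """\
.method public foo(II)I
    .registers 5
    .prologue
    .line 3
    add-int v0, p1, p2
    sub-int v1, p1, p2
    mul-int/2addr v0, v1
    return v0
.end method
"""

def param_words(descriptor, is_static):
    """Registers taken by parameters; J (long) and D (double) take two each."""
    args = descriptor[descriptor.index("(") + 1:descriptor.index(")")]
    words = 0 if is_static else 1        # p0 holds `this` in instance methods
    i = 0
    while i < len(args):
        start = i
        while args[i] == "[":            # skip array dimensions
            i += 1
        if args[i] == "L":               # object type runs up to ';'
            i = args.index(";", i)
        words += 2 if args[start] in "JD" else 1   # [J and [D are references
        i += 1
    return words

def p_to_v(method_text):
    """Rewrite p<n> as v<n>, the naming Dedexer and `baksmali -p` print."""
    head = re.search(r"^\.method\s+(.*?)(\S+\(.*?\)\S+)\s*$", method_text, re.M)
    is_static = "static" in head.group(1).split()
    frame = re.search(r"^\s*\.(registers|locals)\s+(\d+)", method_text, re.M)
    first = int(frame.group(2))          # .locals N: parameters start at vN
    if frame.group(1) == "registers":    # .registers N: parameters come last
        first -= param_words(head.group(2), is_static)
    out = []
    for line in method_text.splitlines():
        # Assumption: directives are left alone; string literals are not parsed.
        if not line.lstrip().startswith("."):
            line = re.sub(r"(?<![\w/$])p(\d+)(?![\w/$;])",
                          lambda m: f"v{first + int(m.group(1))}", line)
        out.append(line)
    return "\n".join(out)

if __name__ == "__main__":
    print(p_to_v(BAKSMALI_FOO))
```

Run on the baksmali listing, the output's instruction lines match the Dedexer listing apart from spacing after commas.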
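Besides disassembly, BakSmali also works with the Smali tool to repackage the disassembled code into a new dex file, which is why it is the more popular of the two.
The option tables for both tools are attached below.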
java -jar baksmali.jar -o baksmaliout Hello.dex
D:\Android\files>java -jar baksmali.jar -o Hello.dex
usage: java -jar baksmali.jar [options] <dex-file>
disassembles and/or dumps a dex file
 -?,--help                                  prints the help message then exits.
                                            Specify twice for debug options
 -a,--api-level <API_LEVEL>                 The numeric api-level of the file
                                            being disassembled. If not
                                            specified, it defaults to 15 (ICS).
 -b,--no-debug-info                         don't write out debug info (.local,
                                            .param, .line, etc.)
 -c,--bootclasspath <BOOTCLASSPATH>         the bootclasspath jars to use, for
                                            analysis. Defaults to
                                            core.jar:ext.jar:framework.jar:andro
                                            id.policy.jar:services.jar. If the
                                            value begins with a :, it will be
                                            appended to the default
                                            bootclasspath instead of replacing
                                            it
 -d,--bootclasspath-dir <DIR>               the base folder to look for the
                                            bootclasspath files in. Defaults to
                                            the current directory
 -e,--dex-file <DEX_FILE>                   looks for dex file named DEX_FILE,
                                            defaults to classes.dex
 -f,--code-offsets                          add comments to the disassembly
                                            containing the code offset for each
                                            address
 -i,--resource-id-files <FILES>             the resource ID files to use, for
                                            analysis. A colon-separated list of
                                            prefix=file pairs. For example
                                            R=res/values/public.xml:android.R=$A
                                            NDROID_HOME/platforms/android-19/dat
                                            a/res/values/public.xml
 -j,--jobs <NUM_THREADS>                    The number of threads to use.
                                            Defaults to the number of cores
                                            available, up to a maximum of 6
 -k,--check-package-private-access          When deodexing, use the
                                            package-private access check when
                                            calculating vtable indexes. It
                                            should only be needed for 4.2.0
                                            odexes. The functionality was
                                            reverted for 4.2.1.
 -l,--use-locals                            output the .locals directive with
                                            the number of non-parameter
                                            registers, rather than the .register
                                            directive with the total number of
                                            register
 -m,--no-accessor-comments                  don't output helper comments for
                                            synthetic accessors
 -o,--output <DIR>                          the directory where the disassembled
                                            files will be placed. The default is
                                            out
 -p,--no-parameter-registers                use the v<n> syntax instead of the
                                            p<n> syntax for registers mapped to
                                            method parameters
 -r,--register-info <REGISTER_INFO_TYPES>   print the specificed type(s) of
                                            register information for each
                                            instruction. "ARGS,DEST" is the
                                            default if no types are specified.
                                            Valid values are:
                                            ALL: all pre- and post-instruction
                                            registers.
                                            ALLPRE: all pre-instruction
                                            registers
                                            ALLPOST: all post-instruction
                                            registers
                                            ARGS: any pre-instruction registers
                                            used as arguments to the instruction
                                            DEST: the post-instruction
                                            destination register, if any
                                            MERGE: Any pre-instruction register
                                            has been merged from more than 1
                                            different post-instruction register
                                            from its predecessors
                                            FULLMERGE: For each register that
                                            would be printed by MERGE, also show
                                            the incoming register types that
                                            were merged
 -s,--sequential-labels                     create label names using a
                                            sequential numbering scheme per
                                            label type, rather than using the
                                            bytecode address
 -t,--implicit-references                   Use implicit (type-less) method and
                                            field references
 -v,--version                               prints the version then exits
 -x,--deodex                                deodex the given odex file. This
                                            option is ignored if the input file
                                            is not an odex file
D:\Android\files>java -jar ddx.jar -o H Hello.dex
Usage: java -jar ddx.jar -o -D -r -d <destination directory> <source>
        <destination directory> is where the generated files will be placed.
        <source> is the name of the source DEX file.
        -D - if present, more detailed error report is printed in case of failure.
        -o - if present, detailed log file will be created about the input DEX file (dex.log).
        -r - if present, register trace will be emitted after each instruction
        -e <deps> - if present, the <deps> directory is supposed to contain dependencies necessary for ODEX disassembly. Read the manual for details.