app 结构反编译
为什么要掌握 app 反编译
- 分析资源使用情况,比如方法数、资源大小
- 安全检查,比如密钥、敏感注释
- 辅助测试,比如用例生成、界面与控件数统计
Android 资源打包工具 aapt 与 aapt2
aapt 可以分析 apk 基本内部结构
aapt2 dump badging demo.apk
aapt2 dump xmltree demo.apk --file r
Android Studio 反编译
AndroidManifest.xml
dex 反编译为 Smali 字节码
dex格式介绍
- dex 与 jar 包基本对应
- jar 包内包含 java 字节码组成的多个 class 文件
- dex 包内包含所有的 dalvik 字节码
dex 反编译
- dex 反编译为单个的 smali 文件
- smali 文件再重新编译为 dex
- dex 文案格式
- Dalvik 字节码
- smali 语法
smali 语法 类型
| 类型缩写 | 类型说明 |
|---|---|
| V | void - can only be used for return types |
| Z | boolean |
| B | byte |
| S | short |
| C | char |
| I | int |
| J | long (64 bits) |
| F | float |
| D | double (64 bits) |
smali 语法 方法调用
# smali字段
Lpackage/name/ObjectName;->FieldName:Ljava/lang/String;
# smali方法
method(I[[IILjava/lang/String;[Ljava/lang/Object;)Ljava/lang/String;
# 对应java语法
String method(int, int[][], int, String, Object[])
dex 反编译工具 dexdump
#只展示class与method列表
dexdump build/apk/classes.dex
#额外展示method的指令
dexdump -d build/apk/classes.dex
#1 : (in Lcom/rockerhieu/emojicon/EmojiconTextView;)
name : 'setEmojiconSize'
type : '(I)V'
access : 0x0001 (PUBLIC)
code -
registers : 2
ins : 2
outs : 2
insns size : 10 16-bit code units
5f8c80: |[5f8c80] com.rockerhieu.emojicon.EmojiconTextView.setEmojiconS
ize:(I)V
5f8c90: 5901 6941 |0000: iput v1, v0, Lcom/rockerhieu/emojicon/EmojiconTextView;.
dhW:I // field@4169
5f8c94: 6e10 50da 0000 |0002: invoke-virtual {v0}, Lcom/rockerhieu/emojicon/EmojiconTe
xtView;.getText:()Ljava/lang/CharSequence; // method@da50
5f8c9a: 0c01 |0005: move-result-object v1
5f8c9c: 6f20 44f2 1000 |0006: invoke-super {v0, v1}, Lcom/tencent/wework/common/views/ConfigurableTextView;.setText:(Ljava/lang/CharSequence;)V // method@f244
5f8ca2: 0e00 |0009: return-void
catches : (none)
positions :
0x0000 line=97
0x0002 line=98
apk 反编译与重新编译 apktool
$ apktool d test.apk
I: Using Apktool 2.6.0 on test.apk
I: Loading resource table...
I: Decoding AndroidManifest.xml with resources...
I: Loading resource table from file: 1.apk
I: Regular manifest package...
I: Decoding file-resources...
I: Decoding values */* XMLs...
I: Baksmaling classes.dex...
I: Copying assets and libs...
I: Copying unknown files...
I: Copying original files...
$ apktool b test
I: Using Apktool 2.6.0 on test
I: Checking whether sources has changed...
I: Smaling smali folder into classes.dex...
I: Checking whether resources has changed...
I: Building resources...
I: Building apk file...
I: Copying unknown files/dir...
apktool
A tool for reverse engineering Android apk files
dex 反编译为 java 源代码 jadx
布局文件
<?xml version="1.0" encoding="utf-8"?>
<LinearLayout xmlns:android="http://schemas.android.com/apk/res/android" xmlns:form="http://schemas.android.com/apk/res-auto" style="@style/mq">
<com.tencent.mm.ui.bindqq.AutoBottomScrollView android:id="@+id/gni" android:scrollbars="none" style="@style/l8">
<LinearLayout android:gravity="center_horizontal" android:paddingLeft="@dimen/h" android:paddingTop="@dimen/dn" android:paddingRight="@dimen/h" android:paddingBottom="@dimen/dr" style="@style/jd">
<ImageView android:id="@+id/gzg" android:paddingBottom="@dimen/dr" android:layout_width="wrap_content" android:layout_height="wrap_content" android:src="@drawable/b64"/>
<TextView android:textSize="@dimen/d_" android:textColor="@color/akd" android:gravity="center" android:id="@+id/gze" android:layout_width="match_parent" android:layout_height="wrap_content" android:layout_marginBottom="@dimen/dr" android:text="@string/bbf" android:maxLines="4" android:singleLine="false" android:lineSpacingExtra="4dp" style="@style/kz"/>
<com.tencent.mm.ui.base.MMFormInputView android:id="@+id/a9g" form:form_hint="@string/bbu" form:form_layout="@layout/bj6" form:form_title="@string/klq" style="@style/k2"/>
<com.tencent.mm.ui.base.MMFormInputView android:id="@+id/a9f" form:form_hint="@string/bbt" form:form_layout="@layout/bj8" form:form_title="@string/klx" style="@style/k2"/>
<TextView android:textSize="@dimen/d_" android:textColor="@color/b3d" android:gravity="center" android:id="@+id/a9a" android:paddingTop="@dimen/fi" android:paddingBottom="@dimen/fi" android:visibility="invisible" android:layout_width="match_parent" android:layout_height="wrap_content" android:text="@string/bbf" android:lineSpacingExtra="4dp" style="@style/je"/>
<LinearLayout android:id="@+id/a9b" android:layout_marginTop="@dimen/dq" style="@style/le">
<TextView android:textSize="20dp" android:gravity="center" android:layout_gravity="center" android:id="@+id/a9e" android:background="@null" android:padding="0dp" android:text="@string/bbw" style="@style/le"/>
<ProgressBar android:layout_gravity="center" android:id="@+id/a9d" android:visibility="gone" android:layout_width="wrap_content" android:layout_height="wrap_content" style="@style/a2u"/>
</LinearLayout>
</LinearLayout>
</com.tencent.mm.ui.bindqq.AutoBottomScrollView>
</LinearLayout>
apk 反编译综合 IDE Apk Studio
- Cross platform, run on Linux, Mac OS X & Windows
- Decompile/recompile/sign & install APKs
- Built-in code editor (.java; .smali; .xml; .yml) w/ syntax highlighting
- Built-in viewer for image (.gif; .jpg; .jpeg; .png) files
- Built-in hex editor for binary files
