0

I have been searching around the web for some days and I have not found any known way/tool/library to disassemble APK file into source code from my app.

My goal is to get readable java files from the APK file only by using programmed functions of my app (or usable Android integrated features) but without external third-party solutions.

the solution must be fully implemented as an application which will be installed directly on the android device

Dexdump have already been tried, but it didn’t output java files.

This step is crucial for my current educational project, any help will be highly appreciated. Thank you in advance and sorry for my bad English.

Âdëlô Jäsôn
  • 11
  • 2
  • Give us a more specific problem and the error messages you're receiving so we can help you. – ericbn Apr 19 '15 at 20:15
  • maybe you want (I guess) is to make reverse engineering?? http://geeknizer.com/decompile-android-apk-to-java/ – Jordi Castilla Apr 19 '15 at 20:18
  • I'm currently in the early stage of developpement.. the problem is that I can't see the start point to reach my purpose – Âdëlô Jäsôn Apr 19 '15 at 20:20
  • as I mentionned above, the solution must be fully implemented as an application which will be installed directly on the android device – Âdëlô Jäsôn Apr 19 '15 at 20:23
  • That's impossible. Your app can't acces other apps resources. – VadymVL Apr 19 '15 at 20:54
  • my application will be supplied by an apk file to read, no need to have any additionnal ressources.I've heard of dex2jar (for win) will there be any usable implementation under Android ? – Âdëlô Jäsôn Apr 19 '15 at 21:03
  • @VadymVL - actually you are mistaken about that, the compiled-in resources of other applications such as their code are very much accessible, it is only their dynamic data which is by default private. But then the goal of the question is indeed a rather frivolous one. People wanting to do meaningful analysis don't do it on-device, if for no other reason than that an android device is a horrible platform on which to examine even skillfully hand-written source code, to say nothing of the robotic drivel produced by a typical de-compiler. – Chris Stratton Apr 19 '15 at 21:03
  • the analysis that follows the current objective of disassembling an apk file is for the building of an "on board security system", so it must be ON the device.I must harvest strings from the code to retrieve known potentially harmful system calls...etc – Âdëlô Jäsôn Apr 19 '15 at 21:17
  • @JaredBurrows it''s completely different, I'm looking for making the process completely on an Android device. – Âdëlô Jäsôn Apr 19 '15 at 22:36
  • @ÂdëlôJäsôn - that's really not different, just a matter of porting and building the linked tools **which are in source form** to Android. But to find system calls you don't really need to decompile anywhere near to Java, you just need to understand dex file format. Don't forget that **static analysis can't see everything**. And keep in mind that the question would also be eligible for closure as a code request, a result which would get you nowhere. – Chris Stratton Apr 19 '15 at 22:48
  • @ChrisStratton I've failed to extract sys calls from a dex file no matter how hard I tried, can you explain how this could be done ? thank you – Âdëlô Jäsôn Apr 19 '15 at 22:57
  • @ChrisStratton I'm not in need of code, I'm establishing a clear vision of things before start coding – Âdëlô Jäsôn Apr 19 '15 at 23:06
  • Then see the documentation of either the dex format or the existing open source tools which unpack it. – Chris Stratton Apr 19 '15 at 23:39

1 Answers1

1

To give some small advise on libraries you should check out (and learn about):

You should learn how Java code is compiled, and what happens during a compile. But also how the byte code is compressed and what you can do to decompile it.

A known app using some of these libraries to decompile existing apps is: Show Java.

Edit: Some knowledge about proguard could be interesting too! Apps using proguard can still be decompiled but the generated code will be much harder to read, lots of Android apps use proguard these days.

Rolf ツ
  • 8,611
  • 6
  • 47
  • 72
  • Thank you for your answer. I would prefer a less-time consuming approch.is it possible to directly use those librairies in my application, or am I obliged to understand them then adapt them ? – Âdëlô Jäsôn Apr 19 '15 at 22:03
  • You could off course just use them, but a little bit of understanding is required to do so. So you don't need to know everything exactly ;) – Rolf ツ Apr 19 '15 at 22:06
  • I have already tried to import dex2jar using Android Studio but without sucess, any further help or guidness on how to do this ? thank you – Âdëlô Jäsôn Apr 19 '15 at 22:15