
I am trying to analyse dex files, and I want to know if I can get the Java code or what specific bytes from the dex file mean.

Any help will be appreciated!

Lukas
  • Does this answer your question? [decompiling DEX into Java sourcecode](https://stackoverflow.com/questions/1249973/decompiling-dex-into-java-sourcecode) – tsvedas Jul 21 '20 at 11:17
  • No, actually I do not want to decompile the whole file, just some parts of it – Lukas Jul 21 '20 at 11:21

1 Answer


Getting Java code from bytecode is called decompilation, and you will need to use a decompiler, although I'm not aware of any decompiler that will do partial decompilation of just a snippet of bytecode. There may not even be enough info in that snippet to perform a proper decompilation.

"Or what specific bytes from the dex file mean" - you could try using baksmali's annotated dump functionality. It writes out a format that has the binary bytes on the left side, and a structured text view on the right side corresponding to the bytes on the left side.

e.g. `baksmali dump HelloWorld.dex`

```
...
                           |-----------------------------
                           |code_item section
                           |-----------------------------
                           |
                           |[0] code_item: LHelloWorld;->main([Ljava/lang/String
                           |;)V
0001c4: 0200               |  registers_size = 2
0001c6: 0100               |  ins_size = 1
0001c8: 0200               |  outs_size = 2
0001ca: 0000               |  tries_size = 0
0001cc: 0000 0000          |  debug_info_off = 0x0
0001d0: 0800 0000          |  insns_size = 0x8
                           |  instructions:
0001d4: 6200 0000          |    sget-object v0, Ljava/lang/System;->out:Ljava/io
                           |/PrintStream;
0001d8: 1a01 0000          |    const-string v1, "Hello World!"
0001dc: 6e20 0100 1000     |    invoke-virtual {v0, v1}, Ljava/io/PrintStream;->
                           |println(Ljava/lang/String;)V
0001e2: 0e00               |    return-void
...
```

On the left side we have [offset]: [binary data] and then the right side has the interpreted view, e.g. field name and value, or disassembled instruction, etc.

JesusFreke
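
The byte-to-meaning mapping in the dump above, as an added example (not part of the answer and not baksmali's code): a small Python decoder for the `code_item` bytes shown, covering only the four opcodes that appear there. It prints raw pool indices (`field@0`, `string@0`, `method@1`) instead of resolved names, because resolving them needs the DEX id tables; the function names and the `base` parameter are chosen here for illustration.

```python
import struct

# Constructed input: the 32 code_item bytes from the dump (file offsets 0x1c4-0x1e3).
CODE_ITEM = bytes.fromhex(
    "0200 0100 0200 0000 00000000 08000000"   # 16-byte header
    "62000000 1a010000 6e2001001000 0e00"     # insns: 8 code units of 16 bits
)
FIELDS = ("registers_size", "ins_size", "outs_size", "tries_size",
          "debug_info_off", "insns_size")
# opcode -> (mnemonic, instruction format, kind of pool index); dump opcodes only
OPCODES = {
    0x0e: ("return-void", "10x", None),
    0x1a: ("const-string", "21c", "string"),
    0x62: ("sget-object", "21c", "field"),
    0x6e: ("invoke-virtual", "35c", "method"),
}
WIDTH = {"10x": 1, "21c": 2, "35c": 3}        # instruction length in code units

def parse_header(buf):
    """Four little-endian ushorts followed by two uints, as in the dump."""
    return dict(zip(FIELDS, struct.unpack_from("<4H2I", buf, 0)))

def disassemble(buf, base=0):
    """Return (header, [(file_offset, text)]); base is buf's offset in the file."""
    hdr = parse_header(buf)
    n = hdr["insns_size"]
    if 16 + 2 * n > len(buf):
        raise ValueError("insns_size runs past the end of the buffer")
    units = struct.unpack_from("<%dH" % n, buf, 16)
    out, pc = [], 0
    while pc < n:
        op, hi = units[pc] & 0xFF, units[pc] >> 8
        if op not in OPCODES:
            raise ValueError("opcode 0x%02x not handled by this example" % op)
        name, fmt, kind = OPCODES[op]
        if pc + WIDTH[fmt] > n:
            raise ValueError("instruction truncated at code unit %d" % pc)
        if fmt == "10x":                       # op only
            text = name
        elif fmt == "21c":                     # AA|op BBBB: register, pool index
            text = "%s v%d, %s@%d" % (name, hi, kind, units[pc + 1])
        else:                                  # 35c: A|G|op BBBB F|E|D|C
            regs = [(units[pc + 2] >> (4 * i)) & 0xF for i in range(4)] + [hi & 0xF]
            used = ", ".join("v%d" % r for r in regs[:hi >> 4])
            text = "%s {%s}, %s@%d" % (name, used, kind, units[pc + 1])
        out.append((base + 16 + 2 * pc, text))
        pc += WIDTH[fmt]
    return hdr, out

if __name__ == "__main__":
    for off, text in disassemble(CODE_ITEM, base=0x1C4)[1]:
        print("%06x: %s" % (off, text))
```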