Jadx – Android Reverse Engineering Suite To Convert Android DEX To Java Source Code

JADX Android Reverse Engineering
JADX Android Reverse Engineering

Jadx – Dex to Java Decompiler, Android Reverse Engineering Suite

A Command line and GUI suits to convert Java source code from Android Dex and Apk files.

Main features:

  • decompile Dalvik bytecode to java classes from APK, dex, aar and zip files
  • decode AndroidManifest.xml and other resources from resources.arsc
  • deobfuscator included

jadx-gui features:

  • view decompiled code with highlighted syntax
  • jump to declaration
  • find usage
  • full text search

After download unpack zip file go to bin directory and run:

  • jadx – command line version
  • jadx-gui – UI version

On Windows run .bat files with double-click

Note: ensure you have installed Java 8 or later 64-bit version. For windows you can download it from adoptopenjdk.net (select “Install JRE”).

Install

1. Arch linux
sudo pacman -S jadx

2. macOS
brew install jadx

Build from source

JDK 8 or higher must be installed:

git clone https://github.com/skylot/jadx.git
cd jadx
./gradlew dist

(on Windows, use gradlew.bat instead of ./gradlew)

Scripts for run jadx will be placed in build/jadx/bin and also packed to build/jadx-<version>.zip

Usage

jadx[-gui] [options] <input file> (.apk, .dex, .jar, .class, .smali, .zip, .aar, .arsc)
options:

-d, –output-dir – output directory
-ds, –output-dir-src – output directory for sources
-dr, –output-dir-res – output directory for resources
-r, –no-res – do not decode resources
-s, –no-src – do not decompile source code
–single-class – decompile a single class
–output-format – can be ‘java’ or ‘json’, default: java
-e, –export-gradle – save as android gradle project
-j, –threads-count – processing threads count, default: 4
–show-bad-code – show inconsistent code (incorrectly decompiled)
–no-imports – disable use of imports, always write entire package name
–no-debug-info – disable debug info
–no-inline-anonymous – disable anonymous classes inline
–no-replace-consts – don’t replace constant value with matching constant field
–escape-unicode – escape non latin characters in strings (with \u)
–respect-bytecode-access-modifiers – don’t change original access modifiers
–deobf – activate deobfuscation
–deobf-min – min length of name, renamed if shorter, default: 3
–deobf-max – max length of name, renamed if longer, default: 64
–deobf-rewrite-cfg – force to save deobfuscation map
–deobf-use-sourcename – use source file name as class name alias
–rename-flags – what to rename, comma-separated, ‘case’ for system case sensitivity, ‘valid’ for java identifiers, ‘printable’ characters, ‘none’ or ‘all’ (default)
–fs-case-sensitive – treat filesystem as case sensitive, false by default
–cfg – save methods control flow graph to dot file
–raw-cfg – save methods control flow graph (use raw instructions)
-f, –fallback – make simple dump (using goto instead of ‘if’, ‘for’, etc)
-v, –verbose – verbose output (set –log-level to DEBUG)
-q, –quiet – turn off output (set –log-level to QUIET)
–log-level – set log level, values: QUIET, PROGRESS, ERROR, WARN, INFO, DEBUG, default: PROGRESS
–version – print jadx version
-h, –help – print this help

Example:

  • jadx -d out classes.dex
  • jadx –rename-flags “none” classes.dex
  • jadx –rename-flags “valid,printable” classes.dex
  • jadx –log-level error app.apk

These options also worked on jadx-gui running from command line and override options from preferences dialog.

Download JADX

Also SEE: GDA- Android Reverse Engineering Suite

Join Our Club

Enter your Email address to receive notifications | Join over Million Followers

Previous Article
Happy Halloween

Happy Halloween Offer - Ethical Hacking Courses Bundle | 87% off

Next Article
Google Chrome

Google Patches Chrome ZERO-Day Vulnerability - Update Now

Related Posts
Total
0
Share