mirror of
https://github.com/carlospolop/hacktricks
synced 2024-12-19 01:24:50 +00:00
88 lines
5.5 KiB
Markdown
88 lines
5.5 KiB
Markdown
# APK decompilers
|
|
|
|
{% hint style="success" %}
|
|
Learn & practice AWS Hacking:<img src="../../.gitbook/assets/arte.png" alt="" data-size="line">[**HackTricks Training AWS Red Team Expert (ARTE)**](https://training.hacktricks.xyz/courses/arte)<img src="../../.gitbook/assets/arte.png" alt="" data-size="line">\
|
|
Learn & practice GCP Hacking: <img src="../../.gitbook/assets/grte.png" alt="" data-size="line">[**HackTricks Training GCP Red Team Expert (GRTE)**<img src="../../.gitbook/assets/grte.png" alt="" data-size="line">](https://training.hacktricks.xyz/courses/grte)
|
|
|
|
<details>
|
|
|
|
<summary>Support HackTricks</summary>
|
|
|
|
* Check the [**subscription plans**](https://github.com/sponsors/carlospolop)!
|
|
* **Join the** 💬 [**Discord group**](https://discord.gg/hRep4RUj7f) or the [**telegram group**](https://t.me/peass) or **follow** us on **Twitter** 🐦 [**@hacktricks\_live**](https://twitter.com/hacktricks\_live)**.**
|
|
* **Share hacking tricks by submitting PRs to the** [**HackTricks**](https://github.com/carlospolop/hacktricks) and [**HackTricks Cloud**](https://github.com/carlospolop/hacktricks-cloud) github repos.
|
|
|
|
</details>
|
|
{% endhint %}
|
|
|
|
**For further details on each tool check the original post from** [**https://eiken.dev/blog/2021/02/how-to-break-your-jar-in-2021-decompilation-guide-for-jars-and-apks/#cfr**](https://eiken.dev/blog/2021/02/how-to-break-your-jar-in-2021-decompilation-guide-for-jars-and-apks/#cfr)
|
|
|
|
### [JD-Gui](https://github.com/java-decompiler/jd-gui)
|
|
|
|
As the pioneering GUI Java decompiler, **JD-Gui** allows you to investigate Java code within APK files. It's straightforward to use; after obtaining the APK, simply open it with JD-Gui to inspect the code.
|
|
|
|
### [Jadx](https://github.com/skylot/jadx)
|
|
|
|
**Jadx** offers a user-friendly interface for decompiling Java code from Android applications. It's recommended for its ease of use across different platforms.
|
|
|
|
* To launch the GUI, navigate to the bin directory and execute: `jadx-gui`
|
|
* For command-line usage, decompile an APK with: `jadx app.apk`
|
|
* To specify an output directory or adjust decompilation options: `jadx app.apk -d <path to output dir> --no-res --no-src --no-imports`
|
|
|
|
### [GDA-android-reversing-Tool](https://github.com/charles2gan/GDA-android-reversing-Tool)
|
|
|
|
**GDA**, a Windows-only tool, offers extensive features for reverse engineering Android apps. Install and run GDA on your Windows system, then load the APK file for analysis.
|
|
|
|
### [Bytecode-Viewer](https://github.com/Konloch/bytecode-viewer/releases)
|
|
|
|
With **Bytecode-Viewer**, you can analyze APK files using multiple decompilers. After downloading, run Bytecode-Viewer, load your APK, and select the decompilers you wish to use for simultaneous analysis.
|
|
|
|
### [Enjarify](https://github.com/Storyyeller/enjarify)
|
|
|
|
**Enjarify** translates Dalvik bytecode to Java bytecode, enabling Java analysis tools to analyze Android applications more effectively.
|
|
|
|
* To use Enjarify, run: `enjarify app.apk` This generates the Java bytecode equivalent of the provided APK.
|
|
|
|
### [CFR](https://github.com/leibnitz27/cfr)
|
|
|
|
**CFR** is capable of decompiling modern Java features. Use it as follows:
|
|
|
|
* For standard decompilation: `java -jar ./cfr.jar "app.jar" --outputdir "output_directory"`
|
|
* For large JAR files, adjust the JVM memory allocation: `java -Xmx4G -jar ./cfr.jar "app.jar" --outputdir "output_directory"`
|
|
|
|
### [Fernflower](https://github.com/JetBrains/intellij-community/tree/master/plugins/java-decompiler/engine)
|
|
|
|
**Fernflower**, an analytical decompiler, requires building from source. After building:
|
|
|
|
* Decompile a JAR file: `java -jar ./fernflower.jar "app.jar" "output_directory"` Then, extract the `.java` files from the generated JAR using `unzip`.
|
|
|
|
### [Krakatau](https://github.com/Storyyeller/Krakatau)
|
|
|
|
**Krakatau** offers detailed control over decompilation, especially for handling external libraries.
|
|
|
|
* Use Krakatau by specifying the standard library path and the JAR file to decompile: `./Krakatau/decompile.py -out "output_directory" -skip -nauto -path "./jrt-extractor/rt.jar" "app.jar"`
|
|
|
|
### [procyon](https://github.com/mstrobel/procyon)
|
|
|
|
For straightforward decompilation with **procyon**:
|
|
|
|
* Decompile a JAR file to a specified directory: `procyon -jar "app.jar" -o "output_directory"`
|
|
|
|
### [frida-DEXdump](https://github.com/hluwa/frida-dexdump)
|
|
|
|
This tool can be used to dump the DEX of a running APK in memory. This helps to beat static obfuscation that is removed while the application is executed in memory.
|
|
|
|
{% hint style="success" %}
|
|
Learn & practice AWS Hacking:<img src="../../.gitbook/assets/arte.png" alt="" data-size="line">[**HackTricks Training AWS Red Team Expert (ARTE)**](https://training.hacktricks.xyz/courses/arte)<img src="../../.gitbook/assets/arte.png" alt="" data-size="line">\
|
|
Learn & practice GCP Hacking: <img src="../../.gitbook/assets/grte.png" alt="" data-size="line">[**HackTricks Training GCP Red Team Expert (GRTE)**<img src="../../.gitbook/assets/grte.png" alt="" data-size="line">](https://training.hacktricks.xyz/courses/grte)
|
|
|
|
<details>
|
|
|
|
<summary>Support HackTricks</summary>
|
|
|
|
* Check the [**subscription plans**](https://github.com/sponsors/carlospolop)!
|
|
* **Join the** 💬 [**Discord group**](https://discord.gg/hRep4RUj7f) or the [**telegram group**](https://t.me/peass) or **follow** us on **Twitter** 🐦 [**@hacktricks\_live**](https://twitter.com/hacktricks\_live)**.**
|
|
* **Share hacking tricks by submitting PRs to the** [**HackTricks**](https://github.com/carlospolop/hacktricks) and [**HackTricks Cloud**](https://github.com/carlospolop/hacktricks-cloud) github repos.
|
|
|
|
</details>
|
|
{% endhint %}
|