Day 16 - Jadx
Writer: Karoliina Kemppainen
This Christmas we will be tweeting and blogging one useful CSIRT tool each day, thanking its makers and maintainers.
Today’s tool is Jadx which was originally created by Skylot. Thanks for creating this handy tool!
Jadx is a dex to java compiler. It has command line and GUI tools for produce Java source code from Android Dex and Apk files. In this article we will focus on command line features, for GUI and it's features check out Jadx Github page This tool main features are decompile Dalvik bytecode to java classes from APK, dex, aar and zip files; decode AndroidManifest.xml and other resources from resources.arsc and it has deobfuscator.
Running jadx with cincan tool is simple:
cincan run cincan/jadx _samples/android_apk/selendroid-test-app-dex2jar.jar
Just give path to the package you want to decompile and it produces the java files.
As usually, you can also give output directory as an argument
cincan run cincan/jadx _samples/android_apk/selendroid-test-app-dex2jar.jar -d jadx-cincan
And the output directory contains the decoded source and resource files:
ls -la jadx-cincan/resources/io/selendroid/testapp/ jadx-cincan/sources/io/selendroid/testapp/
And without cincan jadx can be used as follows (note: this command is run from the folder where sample file is located)
docker run --rm -v $(pwd):/samples cincan/jadx /samples/selendroid-test-app-dex2jar.jar -d /samples/jadx-cincan
Please visit Jadx Github page to learn more about the tool and its other features.
Other resources
A CLI tool called cincan is available to run these different kind of dockerized tools. Installation of this tool is enough - it downloads docker containers automatically when running selected tool. This tool can be installed from PyPi.
Take a look for many other tools in CinCan’s Gitlab repository!