Day 16 - Jadx

Writer: Karoliina Kemppainen

This Christmas we will be tweeting and blogging one useful CSIRT tool each day, thanking its makers and maintainers.

Today’s tool is Jadx which was originally created by Skylot. Thanks for creating this handy tool!

Jadx is a dex to java compiler. It has command line and GUI tools for produce Java source code from Android Dex and Apk files. In this article we will focus on command line features, for GUI and it's features check out Jadx Github page This tool main features are decompile Dalvik bytecode to java classes from APK, dex, aar and zip files; decode AndroidManifest.xml and other resources from resources.arsc and it has deobfuscator.

Running jadx with cincan tool is simple:

cincan run cincan/jadx _samples/android_apk/selendroid-test-app-dex2jar.jar

Just give path to the package you want to decompile and it produces the java files.

jadx-example1

As usually, you can also give output directory as an argument

cincan run cincan/jadx _samples/android_apk/selendroid-test-app-dex2jar.jar -d jadx-cincan

And the output directory contains the decoded source and resource files:

ls -la jadx-cincan/resources/io/selendroid/testapp/ jadx-cincan/sources/io/selendroid/testapp/

jadx-example3

And without cincan jadx can be used as follows (note: this command is run from the folder where sample file is located)

docker run --rm -v $(pwd):/samples cincan/jadx /samples/selendroid-test-app-dex2jar.jar -d /samples/jadx-cincan

Please visit Jadx Github page to learn more about the tool and its other features.

Other resources

Jadx GitHub

A CLI tool called cincan is available to run these different kind of dockerized tools. Installation of this tool is enough - it downloads docker containers automatically when running selected tool. This tool can be installed from PyPi.

Take a look for many other tools in CinCan’s Gitlab repository!