Basically I want to be able to decompile apks. And jar files directly on my phone. Can I do that?
Yes, you can. At least, for the most part. The main constraining factor is the small amount of memory available on the device.
1. run the dx util on baksmali.jar, to produce a classes.dex file
2. add the classes.dex file to a new jar (or you can just add it to baksmali.jar)
3. push the jar containing classes.dex to the device somewhere (let's say /data/local/baksmali.jar)
4. dalvikvm -classpath /data/local/baksmali.jar org.jf.baksmali.baksmali <normal baksmali options>
5. bonus points if you then proceded to run baksmali on baksmali.jar (and then the universe implodes)
note: I just tried this with the latest version of baksmali, and there's some weird issue with the baksmali jar file, where it contains duplicate entries of every class file, which causes dx to choke on it. I'll see if I can get that fixed soon, and get a new build out. In the meantime, you can probably find an older version without that problem.
Sweet, thanks for your input. I was out last night and I had this idea for an edit to make, only to become sad because I didn't have access to a computer.
This will help me out a lot.
JesusFreke said:
Yes, you can. At least, for the most part. The main constraining factor is the small amount of memory available on the device.
1. run the dx util on baksmali.jar, to produce a classes.dex file
2. add the classes.dex file to a new jar (or you can just add it to baksmali.jar)
3. push the jar containing classes.dex to the device somewhere (let's say /data/local/baksmali.jar)
4. dalvikvm -classpath /data/local/baksmali.jar org.jf.baksmali.baksmali <normal baksmali options>
5. bonus points if you then proceded to run baksmali on baksmali.jar (and then the universe implodes)
note: I just tried this with the latest version of baksmali, and there's some weird issue with the baksmali jar file, where it contains duplicate entries of every class file, which causes dx to choke on it. I'll see if I can get that fixed soon, and get a new build out. In the meantime, you can probably find an older version without that problem.
Click to expand...
Click to collapse
The problem seems to be within the buildprocess as the generated classes for baksmali and smali are added twice to the *-dev-jar-with-dependencies.jar. As I'm not familar with maven I didn't fixed the source of the error but I managed to get it working.
I attached a small pythonscript which is able to remove the dublicated files within the jar. Just run it over the file and get a fixed version which is processable by dx.
The script:
Code:
#!/usr/bin/python
import sys
from zipfile import *
if len(sys.argv) != 3:
print("Usage: %s input.jar output.jar" % sys.argv[0]);
sys.exit(-1)
input = ZipFile(sys.argv[1], "r")
output = ZipFile(sys.argv[2], "w")
seen = []
for file in input.namelist():
if file not in seen:
output.writestr(file, input.read(file))
seen.append(file)
else:
print("dub found: %s" % file)
input.close()
output.close()
sorry ...
Wrong place
JesusFreke said:
Yes, you can. At least, for the most part. The main constraining factor is the small amount of memory available on the device.
1. run the dx util on baksmali.jar, to produce a classes.dex file
2. add the classes.dex file to a new jar (or you can just add it to baksmali.jar)
3. push the jar containing classes.dex to the device somewhere (let's say /data/local/baksmali.jar)
4. dalvikvm -classpath /data/local/baksmali.jar org.jf.baksmali.baksmali <normal baksmali options>
5. bonus points if you then proceded to run baksmali on baksmali.jar (and then the universe implodes)
note: I just tried this with the latest version of baksmali, and there's some weird issue with the baksmali jar file, where it contains duplicate entries of every class file, which causes dx to choke on it. I'll see if I can get that fixed soon, and get a new build out. In the meantime, you can probably find an older version without that problem.
Click to expand...
Click to collapse
I realize this is a very old thread, but it is exactly what I am looking for However, it seems there are Java 8 features in smali/baksmali now and dx does not work. Is there a workaround for this or any other way to run smali/baksmali from terminal on Android? Thanks!
The older versions of smali may still work for you. Or what I've done is use Termux and download the jdk for arm64 and used the ndk to compile smali on my device.
Delgoth said:
The older versions of smali may still work for you. Or what I've done is use Termux and download the jdk for arm64 and used the ndk to compile smali on my device.
Click to expand...
Click to collapse
Thanks for the reply
However, I am not trying to compile smali on my device. I am trying to run the latest smali/baksmali on my device in Termux. Unfortunately, the older versions will not work for my needs. If you can help I would really appreciate it
But compiling the latest build of small on the device will allow you to use the latest build of smali.
I've been looking everywhere all weekend for this. Where do i locate the lockscreen slider image in order to replace with a custom one? looked all through internal memory and i know it's in a .apk file but which one? i hope somebody can help me with this, thanks in advance.
you have to pull the framework-res.apk file. You also have to be rooted to do this. It should be in system/framework
That should be in /system/framework/framework-res.apk. Once you get that you will need to decompile it with a program like apk Manager, edit the draw-9 pngs, then recompile it with apk Manager.
The reason that you should decompile it is that the lockscreen images that you want to edit are draw-9 png images. Draw-9 pngs are resizable by the system because they have an outer border on all images that tell it how to stretch. When you simply extract them from the framework-res.png, with a program like winzip, they lose that outer border. You need to decompile them in order to maintain that border when you edit them. Recompile them afterwards and then you can put that framework-res.apk on the phone with the new lockscreen.
Download apk Manager
Now here is what I've learned about apk Manager:
put framework-res.apk in the place-apk-here-for-modding folder
run the script
enter 22 to select an apk, then 1 to select your apk
press 9 to decompile the apk
go into the projects/framework-res.apk/res/drawable-hdpi folder and edit your pngs (maintain the border)
go back to the script once your done editing and enter 11 to compile
when asked if it is a system apk enter y
when asked if you want to extract other files too enter y
go into the keep folder that was created and delete any pngs that you changed in the projects folder
if you change any xml files, you will also need to delete the resources.arsc file from the keep folder
go back to the script and press any key to continue
your recompiled framework-res will be in the place-apk-here-for-modding as unsigned-framework-res.apk
extract unsigned-framework-res.apk using winzip, or similar program (this is being it is compressed incorrectly)
go into the folder where you just unzipped the framework and zip it up with the compression mode set to Store - call it framework-res.apk
you are ready to go with a properly editing framework-res.apk, put it on your phone any way you like
Make sure that you have no errors when de-compiling or re-compiling. It might seem like everything is going ok, but you could end up soft bricking your phone if you don't check the log.txt in the apk Manager main folder. Check the log.txt after every decompile and recompile to ensure that you don't have a damaged framework-res.apk.
The output in log.txt should like like this for a proper decompile:
Code:
--------------------------------------------------------------------------
|Sun 05/01/2011 -- 20:11:47.57|
--------------------------------------------------------------------------
java version "1.6.0_25"
Java(TM) SE Runtime Environment (build 1.6.0_25-b06)
Java HotSpot(TM) 64-Bit Server VM (build 20.0-b11, mixed mode)
Could Not Find C:\Users\jbush\Documents\Custom Atrix\Programs\apk_manager_4.9\place-apk-here-for-modding\../place-apk-here-for-modding/signedframework-res.apk
I: Loading resource table...
I: Decoding resources...
I: Copying assets and libs...
And like this for a proper recompile:
Code:
W: Could not find sources
I: Checking whether resources has changed...
I: Building resources...
I: Building apk file...
(skipping index file 'C:\Users\jbush\Documents\Custom Atrix\Programs\apk_manager_4.9\other\..\projects\framework-res.apk\assets\images\Thumbs.db')
(skipping index file 'C:\Users\jbush\Documents\Custom Atrix\Programs\apk_manager_4.9\other\..\projects\framework-res.apk\assets\webkit\Thumbs.db')
The system cannot find the file specified.
If you get any errors about your images then you need to fix them before you can recompile.
thanks, gettin to work on it now.
Replace lockscreen image
I did not use any special software for this. Just copied (using Root explorer on device) file \system\framework\framework-res.apk to sdcard, then easily copied it to PC desktop. Opened the file with Winzip, extracted image zzzzzzzz_default_lockscreenw.jpg (may be the image name is different on your device, so it's better you preview it in order to compare with your lockscreen image) just to notice the image size. Removed the image from apk. Without closing the winzip window I made an image of the same size and name. Then I dragged it inside the Winzip window. Then used reverse steps to put it back in \system\framework.
That's it!
Well, im having problems with apktool. Im using this version: http://forum.xda-developers.com/showthread.php?t=1755243
But its not working... i extract the files into a fodler, i put the java file there (it gives me an error if the java file is not on the folder) and i put framework-res and SemcGenericUxpRes apks on the folder, then from the console "apktool if "both resources" and then "apktool d SystemUI.apk" and even if i dont touck anything, after "apktool b SystemUI" when i push the new SystemUI bak to the phone its not working
im missing something?
I am having problems getting my APKTools to decompile an APK (I'm new to this). Here is my process:
- Downloaded the 3 apktool files and pasted them in the folder C:\APKTool
- Put framework-res.apk in the same folder
-Opened a command prompt in the folder C:\APKTool (Held shift and right clicked on folder)
- Typed "apktool if framework-res.apk"
I get the error:
'java' is not recognized as an internal or external command, operable program or batch file.
- I have the android SDK installed (everything in 32 bit, my eclipse works)
- I have installed the Java JDK in the same folder as the SDK
- Java Runtime environment 7 is installed in C:\Program Files (x86)\Java\jre7
I'm pretty stuck at this point. If it helps my operating system is windows 8 pro 64bit. Any ideas would be greatly appreciated.
Im stupid
Sorry I just reinstalled JRE and it worked fine. Wish I could go back in time before I posted this
So I decided to write up a little guide on how to modify apk and jar files on the Axon 7 for those of you who do not know how and would like to make some modifications such as the ones in my guides.
Prerequisites
A Windows/Linux/Mac computer
A rooted device with TWRP Recovery
USB cable
ADB installed and USB debugging enabled
Java JDK: http://www.oracle.com/technetwork/java/javase/downloads/index.html
APKTool: https://ibotpeaches.github.io/Apktool/install/ (Follow all the instructions)
Baksmali: https://bitbucket.org/JesusFreke/smali/downloads/baksmali-2.2.0.jar
7-Zip or another archive manager
1. Install the frameworks to your computer
Open a command window in your working directory and connect your device to your computer with the USB-C cable.
Pull the framework files with
Code:
adb pull /system/framework/framework-res.apk
adb pull /system/framework/framework-zte-res.apk
Install them
Code:
apktool if framework-res.apk
apktool if framework-zte-res.apk
Depending on which ROM you are on you may need to install other frameworks. The above is for the stock ROM.
2. Decompile the apk/jar file.
Pull the apk/jar you want to decompile with
Code:
adb pull path_to_apk_or_jar
Here are paths for some commonly modified apk/jars:
SystemUI: /system/priv-app/SystemUI_ZTE/SystemUI_ZTE.apk
Settings: /system/priv-app/Settings_ZTE/Settings_ZTE.apk
services.jar: /system/framework/services.jar
Decompile the apk with
Code:
apktool d <apk/jar>
If you did everything correctly, a folder should now exist with the name of your apk/jar.
3. Decompile the .odex file
You can skip this step if your apk/jar does not have an .odex associated with it or you only need to modify res and not smali.
Pull the odex file
Code:
adb pull path_to_odex
For example if you want to pull the odex file for SystemUI you would do
Code:
adb pull /system/priv-app/SystemUI_ZTE/oat/arm64/SystemUI_ZTE.odex
Create a folder called "smali" in the directory of your decompiled apk/jar. Then go back to your working directory.
Pull all boot oat files from your device with
Code:
adb pull /system/framework/arm64
Move all the oat files inside the arm64 folder on your PC to your working directory.
Using baksmali, decompile the odex file to smali
Code:
java -jar baksmali.jar deodex -a <api> filename.odex
where api is 23 for Android 6.0, 24 for Android 7.0, and 25 for Android 7.1
A new folder should now be created called "out". Cut and paste the files and folders inside this folder into the "smali" folder you created earlier.
4. Make your modifications.
5. Recompile the apk/jar
From the working directory (not the directory of the decompiled apk/jar) Recompile the apk/jar with
Code:
apktool b name_of_folder
where name_of_folder is the name of the directory of the decompiled apk/jar.
The complied apk/jar should now exist in the "dist" folder in the directory of the decompiled apk/jar.
6. Sign the apk.
Using 7-zip or another archive manager, copy the res folder, resources.arsc file, and the classes.dex file (if you modified smali in steps 3 and 4) from the NEW apk to the ORIGINAL apk.
7. Replace the apk/jar on your device.
Reboot your device into TWRP recovery with
Code:
adb reboot recovery
For user apps: Make sure data is mounted in TWRP's mount menu. If you have encryption turned on you must enter your password otherwise data will not be mounted!
For system apps and framework files: Make sure system is mounted in TWRP's mount menu. Uncheck "Mount system read-only" if it is checked.
Push the ORIGINAL apk/jar to the correct directory on your device
Code:
adb push <apk/jar> path_to_apk_or_jar
Set correct permissions on the apk/jar
Code:
adb shell chmod 0644 path_to_apk_or_jar
If you did step 3, use TWRP's file manager in Advanced<File Manager to navigate to the apk/jar file's directory and delete the existing .oat or .odex file associated with it.
You did it
No go
Hi,
Tried it with the SystemUI_ZTE.apk (and odex) from the 2017G B08 ROM. I ended up with a folder named SystemUI_ZTE. I created a smali folder in that folder and moved the android, com and cn folders (that I got using the "java -jar oat2dex.jar smali SystemUI_ZTE.odex" command) to that smali folder. But when I try the apktool b command I get the following error:
Code:
C:\Users\Blub\ZTE>apktool b SystemUI_ZTE
I: Using Apktool 2.3.0
I: Checking whether sources has changed...
I: Smaling smali folder into classes.dex...
SystemUI_ZTE\smali\android\support\v17\leanback\app\BackgroundManager.smali[102,4] iput-wide-volatile is an odexed instruction. You cannot reassemble a disassembled odex file unless it has been deodexed.
Exception in thread "main" brut.androlib.AndrolibException: Could not smali file: android/support/v17/leanback/app/BackgroundManager.smali
at brut.androlib.src.SmaliBuilder.buildFile(SmaliBuilder.java:75)
at brut.androlib.src.SmaliBuilder.build(SmaliBuilder.java:59)
at brut.androlib.src.SmaliBuilder.build(SmaliBuilder.java:36)
at brut.androlib.Androlib.buildSourcesSmali(Androlib.java:412)
at brut.androlib.Androlib.buildSources(Androlib.java:343)
at brut.androlib.Androlib.build(Androlib.java:299)
at brut.androlib.Androlib.build(Androlib.java:270)
at brut.apktool.Main.cmdBuild(Main.java:224)
at brut.apktool.Main.main(Main.java:75)
Any idea what I am doing wrong?
TIA,
Cheers,
/Cacti
le_cactus said:
Hi,
Tried it with the SystemUI_ZTE.apk (and odex) from the 2017G B08 ROM. I ended up with a folder named SystemUI_ZTE. I created a smali folder in that folder and moved the android, com and cn folders (that I got using the "java -jar oat2dex.jar smali SystemUI_ZTE.odex" command) to that smali folder. But when I try the apktool b command I get the following error:
Any idea what I am doing wrong?
TIA,
Cheers,
/Cacti
Click to expand...
Click to collapse
I updated the OP with a different tool for the odex file. Try it now.
Hi,
Thanks,but "java -jar baksmali-2.2.0.jar -a 25 -x SystemUI_ZTE.odex -d %CD%" gives me this error
Code:
Exception in thread "main" com.beust.jcommander.MissingCommandException: Expected a command, got -a
at com.beust.jcommander.JCommander.parseValues(JCommander.java:725)
at com.beust.jcommander.JCommander.parse(JCommander.java:304)
at com.beust.jcommander.JCommander.parse(JCommander.java:287)
at org.jf.baksmali.Main.main(Main.java:90)
Cheers,
/Cacti
le_cactus said:
Hi,
Thanks,but "java -jar baksmali-2.2.0.jar -a 25 -x SystemUI_ZTE.odex -d %CD%" gives me this error
Cheers,
/Cacti
Click to expand...
Click to collapse
Try it without any arguments: "java -jar baksmali-2.2.0.jar SystemUI_ZTE.odex"
Hi,
The command "java -jar baksmali.jar deodex -a 25 SystemUI_ZTE.odex"gives me
Code:
Error occurred while loading class path files. Aborting.
org.jf.dexlib2.analysis.ClassPathResolver$ResolveException: Error while loading oat file boot.oat
at org.jf.dexlib2.analysis.ClassPathResolver.loadEntry(ClassPathResolver.java:250)
at org.jf.dexlib2.analysis.ClassPathResolver.loadLocalClassPathEntry(ClassPathResolver.java:179)
at org.jf.dexlib2.analysis.ClassPathResolver.loadLocalOrDeviceBootClassPathEntry(ClassPathResolver.java:191)
at org.jf.dexlib2.analysis.ClassPathResolver.<init>(ClassPathResolver.java:120)
at org.jf.dexlib2.analysis.ClassPathResolver.<init>(ClassPathResolver.java:105)
at org.jf.baksmali.AnalysisArguments.loadClassPathForDexFile(AnalysisArguments.java:129)
at org.jf.baksmali.AnalysisArguments.loadClassPathForDexFile(AnalysisArguments.java:86)
at org.jf.baksmali.DisassembleCommand.getOptions(DisassembleCommand.java:203)
at org.jf.baksmali.DeodexCommand.getOptions(DeodexCommand.java:71)
at org.jf.baksmali.DisassembleCommand.run(DisassembleCommand.java:177)
at org.jf.baksmali.Main.main(Main.java:102)
Caused by: org.jf.dexlib2.analysis.ClassPathResolver$NotFoundException: Cannot find dependency boot-core-libart.oat in null
at org.jf.dexlib2.analysis.ClassPathResolver.loadOatDependencies(ClassPathResolver.java:270)
at org.jf.dexlib2.analysis.ClassPathResolver.loadEntry(ClassPathResolver.java:248)
... 10 more
Cheers,
/Cacti
le_cactus said:
Hi,
The command "java -jar baksmali.jar deodex -a 25 SystemUI_ZTE.odex"gives me
Cheers,
/Cacti
Click to expand...
Click to collapse
pull boot-core-libart.oat from /system/framework/arm64/boot-core-libart.oat and try again
Muchas gracias
Hi,
Had to pull all the .oat files from the /system/framework/arm64/ folder, only then I didn't get an error any more using the command "java -jar baksmali.jar deodex -a 25 SystemUI_ZTE.odex". The "command "java -jar baksmali.jar -a 25 -x SystemUI_ZTE.odex -d %CD%" still gave an error, you might wanna change that in the OP.
Now apktool b SystemUI_ZTE didn't give me any errors anymore. Executed the other steps, and bingo! Everthing seems to work. And byy replacing the charging.ogg, my device charges silently.
Thanks from my wife as she now doesn't wake up when I go to bed (and connect the charger). Many thanks for your patience and your excelent guide! I guess I'll bemodding some more APK's now
Cheers,
/Cacti
le_cactus said:
Hi,
Had to pull all the .oat files from the /system/framework/arm64/ folder, only then I didn't get an error any more using the command "java -jar baksmali.jar deodex -a 25 SystemUI_ZTE.odex". The "command "java -jar baksmali.jar -a 25 -x SystemUI_ZTE.odex -d %CD%" still gave an error, you might wanna change that in the OP.
Now apktool b SystemUI_ZTE didn't give me any errors anymore. Executed the other steps, and bingo! Everthing seems to work. And byy replacing the charging.ogg, my device charges silently.
Thanks from my wife as she now doesn't wake up when I go to bed (and connect the charger). Many thanks for your patience and your excelent guide! I guess I'll bemodding some more APK's now
Cheers,
/Cacti
Click to expand...
Click to collapse
Great! I'll add that to the OP! Thanks for helping me out!
Updated the OP with a new signing method that should fix boot hang issues with some apks (aka Settings_ZTE)
bkores said:
Updated the OP with a new signing method that should fix boot hang issues with some apks (aka Settings_ZTE)
Click to expand...
Click to collapse
IMO it was just the same as your previous method (under 5.)was saying : move META-INF ( and manifest but not necessary imo) from original apk into the new apk (in dist folder).
Now you're saying : put res, resources and classes from new apk into new apk...that's just the same, no ? Only more files to move imo.
Since res, resources and classes are indeed changing by compile, wouldn't it be better by just saying : put META-INF from original apk into new apk, like you first wrote in OP ? Easier no ?
ALSO : under 6. you say : Open a command window in the "dist" folder and push the ORIGINAL apk/jar to the correct directory on your device
Shouldn't that be : push ORIGINAL (since you copied files under 5 from NEW(in "dist") to ORIGINAL(in working folder) ) FROM WORKING FOLDER ? Since there is no original apk in DIST folder, only our new apk. Imo you make things a bit confusing here, no ? :cyclops:
raystef66 said:
IMO it was just the same as your previous method (under 5.)was saying : move META-INF ( and manifest but not necessary imo) from original apk into the new apk (in dist folder).
Now you're saying : put res, resources and classes from new apk into new apk...that's just the same, no ? Only more files to move imo.
Since res, resources and classes are indeed changing by compile, wouldn't it be better by just saying : put META-INF from original apk into new apk, like you first wrote in OP ? Easier no ?
ALSO : under 6. you say : Open a command window in the "dist" folder and push the ORIGINAL apk/jar to the correct directory on your device
Shouldn't that be : push ORIGINAL (since you copied files under 5 from NEW(in "dist") to ORIGINAL(in working folder) ) FROM WORKING FOLDER ? Since there is no original apk in DIST folder, only our new apk. Imo you make things a bit confusing here, no ? :cyclops:
Click to expand...
Click to collapse
Fixed!
bkores said:
Fixed!
Click to expand...
Click to collapse
Thnx Mate ! Appreciate all your work :good:
i have some problem with framework.jar, it doesn't have classes.dex in jar but it also doesn't have odex file in /system/framework/oat/arm64 (also arm). Because of it i can't decompile it using smali/baksmali tool. I want to make more volume steps mode like VolumeSteps+ but without Xposed. Hope someone can help.