Tool Documentation:

d2j-dex2jar Usage Example

root@kali:~# d2j-dex2jar /usr/share/metasploit-framework/data/android/apk/classes.dex
dex2jar /usr/share/metasploit-framework/data/android/apk/classes.dex -> classes-dex2jar.jar

d2j-jar-remap

root@kali:~# d2j-jar-remap -h
d2j-jar-remap -- rename package/class/method/field name in a jar
usage: d2j-jar-remap [options] jar
options:
 -c,--config <config>    config file for remap, this is REQUIRED
 -f,--force              force overwrite
 -h,--help               Print this help message
 -o,--output <out-jar>   output .jar file, default is $current_dir/[jar-name]-re
                         map.jar
version: 0.0.9.15
online help: https://code.google.com/p/dex2jar/wiki/DeObfuscateJarWithDexTool

dex2jar

root@kali:~# dex2jar
this cmd is deprecated, use the d2j-dex2jar if possible
dex2jar version: translator-0.0.9.15
dex2jar file1.dexORapk file2.dexORapk ...

d2j-dex-dump

root@kali:~# d2j-dex-dump -h
Dump in.dexORapk out.dump.jar

d2j-init-deobf

root@kali:~# d2j-init-deobf -h
d2j-init-deobf -- generate an init config file for deObfuscate a jar
usage: d2j-init-deobf [options] <jar>
options:
 -f,--force                force overwrite
 -h,--help                 Print this help message
 -max,--max-length <MAX>   do the rename if the length > MIN, default is 40
 -min,--min-length <MIN>   do the rename if the length < MIN, default is 2
 -o,--output <out-file>    output .jar file, default is $current_dir/[file-name]
                           -deobf-init.txt
version: 0.0.9.15


Packages and Binaries:

dex2jar

dex2jar contains 4 compments:

dex-reader is designed to read the Dalvik Executable (.dex/.odex) format. It has a light weight API similar with ASM. An example here dex-translator is designed to do the convert job. It reads the dex instruction to dex-ir format, after some optimize, convert to ASM format. dex-ir used by dex-translator, is designed to represent the dex instruction dex-tools tools to work with .class files.

Installed size: 5.80 MB
How to install: sudo apt install dex2jar

Dependencies:
  • default-jre
d2j-apk-sign
root@kali:~# d2j-apk-sign -h
d2j-apk-sign -- Sign an android apk file use a test certificate.
usage: d2j-apk-sign [options] <apk>
options:
 -f,--force                   force overwrite
 -h,--help                    Print this help message
 -o,--output <out-apk-file>   output .apk file, default is $current_dir/[apk-nam
                              e]-signed.apk
 -t,--tiny                    use tiny sign
version: 2.1-SNAPSHOT

d2j-asm-verify
root@kali:~# d2j-asm-verify -h
d2j-asm-verify -- Verify .class in jar
usage: d2j-asm-verify [options] <jar0> [jar1 ... jarN]
options:
 -d,--detail   Print detail error message
 -h,--help     Print this help message
version: 2.1-SNAPSHOT

d2j-baksmali
root@kali:~# d2j-baksmali -h
d2j-baksmali -- disassembles and/or dumps a dex file
usage: d2j-baksmali [options] <dex>
options:
 -b,--no-debug-info            [not impl] don't write out debug info (.local, .p
                               aram, .line, etc.)
 -f,--force                    force overwrite
 -h,--help                     Print this help message
 -l,--use-locals               output the .locals directive with the number of n
                               on-parameter registers, rather than the .register
 -o,--output <out>             output dir of .smali files, default is $current_d
                               ir/[jar-name]-out/
 -p,--no-parameter-registers   use the v<n> syntax instead of the p<n> syntax fo
                               r registers mapped to method parameters
version: 2.1-SNAPSHOT
online help: https://sourceforge.net/p/dex2jar/wiki/Smali

d2j-class-version-switch
root@kali:~# d2j-class-version-switch -h
Usage: clz-version-switch version old.jar new.jar

d2j-decrypt-string
root@kali:~# d2j-decrypt-string -h
d2j-decrypt-string -- Decrypt in class file
usage: d2j-decrypt-string [options] <jar>
options:
 -cp,--classpath <cp>                 add extra lib to classpath
 -d,--delete                          delete the method which can decrypt the st
                                      ings
 -da,--deep-analyze                   use dex2jar IR to static analyze and find 
                                      more values like byte[]
 -f,--force                           force overwrite
 -h,--help                            Print this help message
 -m,--methods <cfg>                   a file contain a list of methods, each lin
                                      e like: La/b;->decrypt(III)Ljava/lang/Stri
                                      ng;
 -mn,--decrypt-method-name <name>     the owner of the method which can decrypt 
                                      the stings, the method's signature must be
                                       static (parameter-type)Ljava/lang/String;
                                      . Please use -pt,--parameter-type to set t
                                      he argument descrypt.
 -mo,--decrypt-method-owner <owner>   the owner of the method which can decrypt 
                                      the stings, example: java.lang.String
 -o,--output <out>                    output of .jar files, default is $current_
                                      dir/[jar-name]-decrypted.jar
 -pd,--parameters-descriptor <type>   the descriptor for the method which can de
                                      crypt the stings, example1: Ljava/lang/Str
                                      ing; example2: III, default is Ljava/lang/
                                      String;
 -t,--arg-types <type>                comma-separated list of types:boolean,byte
                                      ,short,char,int,long,float,double,string. 
                                      Default is string
 -v,--verbose                         show more on output
version: 2.1-SNAPSHOT
online help: 
https://sourceforge.net/p/dex2jar/wiki/DecryptStrings
https://bitbucket.org/pxb1988/dex2jar/wiki/DecryptStrings

d2j-dex-recompute-checksum
root@kali:~# d2j-dex-recompute-checksum -h
d2j-dex-recompute-checksum -- recompute crc and sha1 of dex.
usage: d2j-dex-recompute-checksum [options] dex
options:
 -f,--force                   force overwrite
 -h,--help                    Print this help message
 -o,--output <out-dex-file>   output .dex file, default is [dex-name]-rechecksum
                              .dex
version: 2.1-SNAPSHOT

d2j-dex-weaver
root@kali:~# d2j-dex-weaver -h
d2j-dex-weaver -- replace invoke in dex
usage: d2j-dex-weaver [options] dex
options:
 -c,--config <config>         config file
 -h,--help                    Print this help message
 -o,--output <out-dex-file>   output .dex file
 -s,--stub-dex <stub>         stub dex
version: 2.1-SNAPSHOT
online help: https://sourceforge.net/p/dex2jar/wiki/DexWeaver

d2j-dex2jar
root@kali:~# d2j-dex2jar -h
d2j-dex2jar -- convert dex to jar
usage: d2j-dex2jar [options] <file0> [file1 ... fileN]
options:
 --skip-exceptions            skip-exceptions
 -d,--debug-info              translate debug info
 -e,--exception-file <file>   detail exception file, default is $current_dir/[fi
                              le-name]-error.zip
 -f,--force                   force overwrite
 -h,--help                    Print this help message
 -n,--not-handle-exception    not handle any exceptions thrown by dex2jar
 -nc,--no-code
 -o,--output <out-jar-file>   output .jar file, default is $current_dir/[file-na
                              me]-dex2jar.jar
 -os,--optmize-synchronized   optimize-synchronized
 -p,--print-ir                print ir to System.out
 -r,--reuse-reg               reuse register while generate java .class file
 -s                           same with --topological-sort/-ts
 -ts,--topological-sort       sort block by topological, that will generate more
                               readable code, default enabled
version: reader-2.1-SNAPSHOT, translator-2.1-SNAPSHOT, ir-2.1-SNAPSHOT

d2j-dex2smali
root@kali:~# d2j-dex2smali -h
d2j-baksmali -- disassembles and/or dumps a dex file
usage: d2j-baksmali [options] <dex>
options:
 -b,--no-debug-info            [not impl] don't write out debug info (.local, .p
                               aram, .line, etc.)
 -f,--force                    force overwrite
 -h,--help                     Print this help message
 -l,--use-locals               output the .locals directive with the number of n
                               on-parameter registers, rather than the .register
 -o,--output <out>             output dir of .smali files, default is $current_d
                               ir/[jar-name]-out/
 -p,--no-parameter-registers   use the v<n> syntax instead of the p<n> syntax fo
                               r registers mapped to method parameters
version: 2.1-SNAPSHOT
online help: https://sourceforge.net/p/dex2jar/wiki/Smali

d2j-jar-access
root@kali:~# d2j-jar-access -h
d2j-jar-access -- add or remove class/method/field access in jar file
usage: d2j-jar-access [options] <jar>
options:
 -ac,--add-class-access <ACC>       add access from class
 -af,--add-field-access <ACC>       add access from field
 -am,--add-method-access <ACC>      add access from method
 -f,--force                         force overwrite
 -h,--help                          Print this help message
 -o,--output <out-dir>              output dir of .j files, default is $current_
                                    dir/[jar-name]-access.jar
 -rc,--remove-class-access <ACC>    remove access from class
 -rd,--remove-debug                 remove debug info
 -rf,--remove-field-access <ACC>    remove access from field
 -rm,--remove-method-access <ACC>   remove access from method
version: 2.1-SNAPSHOT

d2j-jar-weaver
root@kali:~# d2j-jar-weaver -h
d2j-jar-weaver -- replace invoke in jar
usage: d2j-jar-weaver [options] jar
options:
 -c,--config <config>         config file
 -h,--help                    Print this help message
 -o,--output <out-jar-file>   output .jar file
 -s,--stub-jar <stub>         stub jar
version: 2.1-SNAPSHOT
online help: https://sourceforge.net/p/dex2jar/wiki/JarWeaver

d2j-jar2dex
root@kali:~# d2j-jar2dex -h
d2j-jar2dex -- Convert jar to dex by invoking dx.
usage: d2j-jar2dex [options] <dir>
options:
 -f,--force                   force overwrite
 -h,--help                    Print this help message
 -o,--output <out-dex-file>   output .dex file, default is $current_dir/[jar-nam
                              e]-jar2dex.dex
version: 2.1-SNAPSHOT

d2j-jar2jasmin
root@kali:~# d2j-jar2jasmin -h
d2j-jar2jasmin -- Disassemble .class in jar file to jasmin file
usage: d2j-jar2jasmin [options] <jar>
options:
 -d,--debug              disassemble debug info
 -e,--encoding <enc>     encoding for .j files, default is UTF-8
 -f,--force              force overwrite
 -h,--help               Print this help message
 -o,--output <out-dir>   output dir of .j files, default is $current_dir/[jar-na
                         me]-jar2jasmin/
version: 2.1-SNAPSHOT
online help: https://sourceforge.net/p/dex2jar/wiki/Jasmin

d2j-jasmin2jar
root@kali:~# d2j-jasmin2jar -h
d2j-jasmin2jar -- Assemble .j files to .class file
usage: d2j-jasmin2jar [options] <jar>
options:
 --no-compute-max
 -cv,--class-version <arg>       default .class version, [1~9], default 6 for JA
                                 VA6
 -d,--dump                       dump to stdout
 -e,--encoding <enc>             encoding for .j files, default is UTF-8
 -f,--force                      force overwrite
 -g,--autogenerate-linenumbers   autogenerate-linenumbers
 -h,--help                       Print this help message
 -o,--output <out-jar-file>      output .jar file, default is $current_dir/[jar-
                                 name]-jasmin2jar.jar
version: 2.1-SNAPSHOT
online help: https://sourceforge.net/p/dex2jar/wiki/Jasmin

d2j-smali
root@kali:~# d2j-smali -h
d2j-smali -- assembles a set of smali files into a dex file
usage: d2j-smali [options] [--] [<smali-file>|folder]*
options:
 --                             read smali from stdin
 -a,--api-level <API_LEVEL>     [not impl] The numeric api-level of the file to 
                                generate, e.g. 14 for ICS. If not specified, it 
                                defaults to 14 (ICS).
 -h,--help                      Print this help message
 -o,--output <FILE>             the name of the dex file that will be written. T
                                he default is out.dex
 -v,--version                   prints the version then exits
 -x,--allow-odex-instructions   [not impl] allow odex instructions to be compile
                                d into the dex file. Only a few instructions are
                                 supported - the ones that can exist in a dead c
                                ode path and not cause dalvik to reject the clas
                                s
version: 2.1-SNAPSHOT
online help: https://sourceforge.net/p/dex2jar/wiki/Smali

d2j-std-apk
root@kali:~# d2j-std-apk -h
d2j-std-zip -- clean up apk to standard zip
usage: d2j-std-zip [options] <zip>
options:
 -h,--help           Print this help message
 -o,--output <out>   The output file
version: 2.1-SNAPSHOT

d2j_invoke
root@kali:~# d2j_invoke --help
Usage: java [options] <mainclass> [args...]
           (to execute a class)
   or  java [options] -jar <jarfile> [args...]
           (to execute a jar file)
   or  java [options] -m <module>[/<mainclass>] [args...]
       java [options] --module <module>[/<mainclass>] [args...]
           (to execute the main class in a module)
   or  java [options] <sourcefile> [args]
           (to execute a single source-file program)

 Arguments following the main class, source file, -jar <jarfile>,
 -m or --module <module>/<mainclass> are passed as the arguments to
 main class.

 where options include:

    -zero	  to select the "zero" VM
    -dcevm	  to select the "dcevm" VM
    -cp <class search path of directories and zip/jar files>
    -classpath <class search path of directories and zip/jar files>
    --class-path <class search path of directories and zip/jar files>
                  A : separated list of directories, JAR archives,
                  and ZIP archives to search for class files.
    -p <module path>
    --module-path <module path>...
                  A : separated list of directories, each directory
                  is a directory of modules.
    --upgrade-module-path <module path>...
                  A : separated list of directories, each directory
                  is a directory of modules that replace upgradeable
                  modules in the runtime image
    --add-modules <module name>[,<module name>...]
                  root modules to resolve in addition to the initial module.
                  <module name> can also be ALL-DEFAULT, ALL-SYSTEM,
                  ALL-MODULE-PATH.
    --enable-native-access <module name>[,<module name>...]
                  modules that are permitted to perform restricted native operations.
                  <module name> can also be ALL-UNNAMED.
    --list-modules
                  list observable modules and exit
    -d <module name>
    --describe-module <module name>
                  describe a module and exit
    --dry-run     create VM and load main class but do not execute main method.
                  The --dry-run option may be useful for validating the
                  command-line options such as the module system configuration.
    --validate-modules
                  validate all modules and exit
                  The --validate-modules option may be useful for finding
                  conflicts and other errors with modules on the module path.
    -D<name>=<value>
                  set a system property
    -verbose:[class|module|gc|jni]
                  enable verbose output for the given subsystem
    -version      print product version to the error stream and exit
    --version     print product version to the output stream and exit
    -showversion  print product version to the error stream and continue
    --show-version
                  print product version to the output stream and continue
    --show-module-resolution
                  show module resolution output during startup
    -? -h -help
                  print this help message to the error stream
    --help        print this help message to the output stream
    -X            print help on extra options to the error stream
    --help-extra  print help on extra options to the output stream
    -ea[:<packagename>...|:<classname>]
    -enableassertions[:<packagename>...|:<classname>]
                  enable assertions with specified granularity
    -da[:<packagename>...|:<classname>]
    -disableassertions[:<packagename>...|:<classname>]
                  disable assertions with specified granularity
    -esa | -enablesystemassertions
                  enable system assertions
    -dsa | -disablesystemassertions
                  disable system assertions
    -agentlib:<libname>[=<options>]
                  load native agent library <libname>, e.g. -agentlib:jdwp
                  see also -agentlib:jdwp=help
    -agentpath:<pathname>[=<options>]
                  load native agent library by full pathname
    -javaagent:<jarpath>[=<options>]
                  load Java programming language agent, see java.lang.instrument
    -splash:<imagepath>
                  show splash screen with specified image
                  HiDPI scaled images are automatically supported and used
                  if available. The unscaled image filename, e.g. image.ext,
                  should always be passed as the argument to the -splash option.
                  The most appropriate scaled image provided will be picked up
                  automatically.
                  See the SplashScreen API documentation for more information
    @argument files
                  one or more argument files containing options
    -disable-@files
                  prevent further argument file expansion
    --enable-preview
                  allow classes to depend on preview features of this release
To specify an argument for a long option, you can use --<name>=<value> or
--<name> <value>.


dex-tools

Updated on: 2024-Mar-11