Search code examples
androidadbdexsmaliantimalware

how to execute the baksmali.jar in an android device

For the purpose of developing an Anti-malware on Android, I need to have the smali representation of an APK.

I'm trying to execute the the baksmali.jar directly on the device. I asked the author of the tool GitHub: Executing baksmali on an Android device.

I followed the steps according to the post Stack overflow: How to execute the dex file in android with command?

  1. I downloaded the v2.2b4 version
  2. dx --dex --output=classes.dex baksmali.jar I used the dx tool from android/Sdk/build-tools/25.0.2
  3. zip baksmali.zip classes.dex
  4. adb push baksmali.zip /sdcard/ I'm using a genymotion emulator custom phone-4.4.4 API 19
  5. adb shell mkdir /sdcard/dalvik-cache
  6. adb shell ANDROID_DATA=/sdcard dalvikvm -cp /sdcard/baksmali.zip org.jf.baksmali.Main

After that, I'm getting this error message Unable to locate class 'org/jf/baksmali/Main' Precisely

Unable to locate class 'org/jf/baksmali/Main'
java.lang.NoClassDefFoundError: org/jf/baksmali/Main
    at dalvik.system.NativeStart.main(Native Method)
Caused by: java.lang.ClassNotFoundException: Didn't find class "org.jf.baksmali.Main" on path: DexPathList[[zip file "/sdcard/baksmali.zip"],nativeLibraryDirectories=[/system/lib]]
    at dalvik.system.BaseDexClassLoader.findClass(BaseDexClassLoader.java:56)
    at java.lang.ClassLoader.loadClass(ClassLoader.java:497)
    at java.lang.ClassLoader.loadClass(ClassLoader.java:457)
    ... 1 more
    Suppressed: java.io.IOException: unable to open DEX file
        at dalvik.system.DexFile.openDexFileNative(Native Method)
        at dalvik.system.DexFile.openDexFile(DexFile.java:296)
        at dalvik.system.DexFile.<init>(DexFile.java:80)
        at dalvik.system.DexFile.<init>(DexFile.java:59)
        at dalvik.system.DexPathList.loadDexFile(DexPathList.java:263)
        at dalvik.system.DexPathList.makeDexElements(DexPathList.java:230)
        at dalvik.system.DexPathList.<init>(DexPathList.java:112)
        at dalvik.system.BaseDexClassLoader.<init>(BaseDexClassLoader.java:48)
        at dalvik.system.PathClassLoader.<init>(PathClassLoader.java:38)
        at java.lang.ClassLoader.createSystemClassLoader(ClassLoader.java:116)
        at java.lang.ClassLoader.access$000(ClassLoader.java:65)
        at java.lang.ClassLoader$SystemClassLoader.<clinit>(ClassLoader.java:81)
        at java.lang.ClassLoader.getSystemClassLoader(ClassLoader.java:125)
        ... 1 more

I don't understand this error, the classe path is correct.

How can I fix this ?

Thank you in advance.

Solution

  • After moving around, I finally found the solution to the following problem:

    " execute the baksmali.jar in an android device, ideally the execution is launched by an application targeting another application."

    So, lets say we wont to develop an application that is able to "baksmali" (disassemble) another application, without requiring any special permission.

    These are the steps to get the job done:

    • download the baksmali.jar v1.2.3
    • add the jar to the app/libs directory of the android studio project
    • right click on the jar and select the option "Add it as a Library" (use the "Project->project" view to see the libs directory, you may not see it in the "Project->android" view)
    • you can use the org.jf.baksmali.main.mainmethode by passing the CLIarguments to that method using a String[]

    Here is a helloWorld App illustrating the use cas:

    GitHub: Baksmali Hello world

    After launchig the application you should see folders in the /data/data/com.example.bartman.baksmalihelloworld/<name_of_baksmali_output>