Is there a way to get the source code from an APK file?

Question

The hard drive on my laptop just crashed and I lost all the source code for an app that I have been working on for the past two months. All I have is the APK file that is st

Answer 1

based on your condition, if your android apk:

Condition1: NOT harden (by Tencent Legu/Qihoo 360/...)

Choice1: using online service

such as:

using www.javadecompilers.com

goto:

• http://www.javadecompilers.com/apk
  • Note: internally using Jadx

to auto decode from apk to java sourcecode

steps:

upload apk file + click Run + wait some time + click Download to get zip + unzip ->

sources/com/{yourCompanyName}/{yourProjectName}

is your expected java source code

Choice2: decompile/crack by yourself

use related tool to decompile/crack by yourself:

use jadx/jadx-gui convert apk to java sourcecode

download jadx-0.9.0.zip then unzip to got bin/jadx, then:

• command line mode:
  • in terminal run: jadx-0.9.0/bin/jadx -o output_folder /path_to_your_apk/your_apk_file.apk
  • output_folder will show decoded sources and resources
    • sources/com/{yourCompanyName}/{yourProjectName} is your expected java sourcecode
• GUI mode
  • double click to run jadx-0.9.0/bin/jadx-gui (Linux's jadx-gui.sh / Windows's jadx-gui.bat)
  • open apk file
  • it will auto decoding -> see your expected java sourcecode
  • save all or save as Gradle project

eg:

Condition2: harden (by Tencent Legu/Qihoo 360/...)

the main method of 3 steps:

1. apk/app to dex
2. dex to jar
3. jar to java src

detailed explanation:

Step1: apk/app to dex

use tool (FDex2/DumpDex) dump/hook out (one or multiple) dex file from running app

steps:

prepare environment

• a rooted android
  • real phone
  • or emulator
    • here using Chinese Nox App Player夜神安卓模拟器
      • 
• install your android apk
  • to the phone or emulator
• installed Xposed Installer
  • 
• install FDex2/DumpDex into XPosed and enable it
  • 
  • Note: need restart Xposed to make FDex2 work
  • FDex2 download address, Chinese:
    • 脱壳工具 FDex2-CSDN下载
    • 链接: https://pan.baidu.com/s/1lTF8CN96bxWpFwv7J174lg 提取码: 3e3t
• install your android apk to phone/emulator

dump out dex from running app

• run FDex2 then click your apk name to enable later to capture/hook out dex

  • 
• (in phone/emulator) run your app
• find and copy out the dump out whole apk resources in /data/data/com/yourCompanyName/yourProjectName
  • in its root folder normally will find several dex file
  • 

Step2: dex to jar

use tool (dex2jar) convert (the specific, containing app logic) dex file to jar file

download dex2jar got dex-tools-2.1-SNAPSHOT.zip, unzip got dex-tools-2.1-SNAPSHOT/d2j-dex2jar.sh, then

sh dex-tools-2.1-SNAPSHOT/d2j-dex2jar.sh -f your_dex_name.dex

eg:

dex-tools-2.1-SNAPSHOT/d2j-dex2jar.sh -f com.xxx.yyy8825612.dex
dex2jar com.xxx.yyy8825612.dex -> ./com.xxx.yyy8825612-dex2jar.jar

Step3: jar to java src

use one of tools:

• Jadx
• Procyon
  • GUI tool based on procyon:
    • Luyten
    • Bytecode Viewer
• CRF
• JD-GUI
• some others:
  • Krakatau
  • Fernflower
  • Cavaj

convert jar to java src

for from jar to java src converting effect:

Jadx > Procyon > CRF >> JD-GUI

so recommend use: Jadx/jadx-gui

steps:

• double click to run jadx-gui
• open dex file
• File -> save all

eg:

exported java src:

---

More detailed explanation can see my online ebook Chinese tutorial:

• 安卓应用的安全和破解
  • tutorial's source code on github: crifan/android_app_security_crack: 安卓应用的安全和破解