Vdex Extractor

A command-line tool that converts Vdex files into dex files, which can then be converted into jar files.

Dependencies

The following external library should be installed on the host system: zlib

  • macOS with homebrew: brew install zlib-devel
  • macOS with macports: port install zlib
  • Linux with apt: apt install libz-dev
  • Other Linux/Unix systems: Check available package manager or compile from sources
  • Windows with cygwin: Install zlib-devel from cygwin installer

Usage

$ bin/vdexExtractor -h
              vdexExtractor ver. 0.5.2
    Anestis Bechtsoudis <anestis@census-labs.com>
  Copyright 2017 - 2018 by CENSUS S.A. All Rights Reserved.

 -i, --input=<path>   : input dir (search recursively) or single file
 -o, --output=<path>  : output path (default is same as input)
 -f, --file-override  : allow output file override if already exists (default: false)
 --no-unquicken       : disable unquicken bytecode decompiler (don't de-odex)
 --deps               : dump verified dependencies information
 --dis                : enable bytecode disassembler
 --ignore-crc-error   : decompiled Dex CRC errors are ignored (see issue #3)
 --new-crc=<path>     : text file with extracted Apk or Dex file location checksum(s)
 --get-api            : get Android API level based on Vdex version (expects single Vdex file)
 -v, --debug=LEVEL    : log level (0 - FATAL ... 4 - DEBUG), default: '3' (INFO)
 -l, --log-file=<path>: save disassembler and/or verified dependencies output to log file (default is STDOUT)
 -h, --help           : this help

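Utility scripts

### 1. extract-apps-from-device.sh

Extracts the ART compiler output resources (oat, art, vdex) of installed packages (user and system) from a connected Android device. Extracting the APK archives of the installed packages is also supported. Because DAC permissions are applied, some system app data may not be extractable without root access.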

$ scripts/extract-apps-from-device.sh -h
  Usage: extract-apps-from-device.sh [options]
    options:
      -o|--output <dir>  : Output directory to save extracted data (default is '.')
      -d|--device <devID>: Device serial to use instead of default interactive selection
      --system-apps      : Extract system apps too (default is user apps only)
      --apks             : Extract apks (default is optimized files only)
      -h|--help          : This help message
$ scripts/extract-apps-from-device.sh --system-apps -o /tmp/art_data --apks
[INFO]: Enumerating connected Android devices
[INFO]: Trying to extract data from '163' packages
[INFO]: Extracted data stored under '/tmp/art_data'

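### 2. update-vdex-location-checksums.sh

Updates the location checksums of a Vdex file with the CRCs extracted from the input Apk archive file. For more information on how this feature can be used to trick ART and bypass SafetyNet application integrity checks, see here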

$ scripts/update-vdex-location-checksums.sh -h
  Usage: update-vdex-location-checksums.sh [options]
    options:
      -i|--input <file> : Input Vdex file to repair location checksum(s) within
      -a|--app <file>   : Input Apk file to extract location checksum(s) from
      -o|--output <dir> : Directory to save updated Vdex file (default is '.')
      -h|--help         : This help message
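
To see what these location checksums are, the following added example (not part of vdexExtractor or of the original page) reads the CRC-32 of each classes*.dex entry from an APK and compares it with the checksum table in a Vdex header, reporting any entries that differ. The function names are hypothetical, the header offsets are assumed from AOSP's vdex_file.h for Vdex versions 006, 010 and 019, and the sample APK and Vdex are constructed in memory.

```python
import io, re, struct, zipfile

def apk_dex_crcs(apk_bytes):
    """CRC-32 of each classes*.dex entry, read from the ZIP central directory."""
    with zipfile.ZipFile(io.BytesIO(apk_bytes)) as z:
        dex = [e for e in z.infolist() if re.fullmatch(r"classes\d*\.dex", e.filename)]
    # multidex order: classes.dex, classes2.dex, classes3.dex, ...
    dex.sort(key=lambda e: int(e.filename[7:-4] or 1))
    return [e.CRC for e in dex]

def vdex_location_checksums(vdex):
    """Location checksums stored right after the Vdex header.
    Offsets are an assumption taken from AOSP vdex_file.h (006, 010, 019)."""
    if vdex[:4] != b"vdex":
        raise ValueError("not a Vdex file")
    version = vdex[4:8].rstrip(b"\0").decode("ascii")
    if version in ("006", "010"):
        count_off, table_off = 8, 24    # magic, version, count, 3 size fields
    elif version == "019":
        count_off, table_off = 12, 20   # magic, 2 versions, count, 1 size field
    else:
        raise ValueError("unsupported Vdex version %r" % version)
    (count,) = struct.unpack_from("<I", vdex, count_off)
    return list(struct.unpack_from("<%dI" % count, vdex, table_off))

def mismatches(apk_bytes, vdex_bytes):
    """Indexes of dex files whose Vdex checksum differs from the APK's CRC."""
    apk, vdx = apk_dex_crcs(apk_bytes), vdex_location_checksums(vdex_bytes)
    if len(apk) != len(vdx):
        raise ValueError("dex count differs: apk=%d vdex=%d" % (len(apk), len(vdx)))
    return [i for i, (a, v) in enumerate(zip(apk, vdx)) if a != v]

# --- constructed sample data (not real app files) ---
def make_apk(blobs):
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        for i, blob in enumerate(blobs):
            z.writestr("classes%s.dex" % ("" if i == 0 else i + 1), blob)
    return buf.getvalue()

def make_vdex_019(checksums):
    header = b"vdex" + b"019\0" + b"002\0" + struct.pack("<II", len(checksums), 0)
    return header + struct.pack("<%dI" % len(checksums), *checksums)

if __name__ == "__main__":
    apk = make_apk([b"constructed dex 1", b"constructed dex 2"])
    crcs = apk_dex_crcs(apk)
    print(mismatches(apk, make_vdex_019(crcs)))          # matching pair
    print(mismatches(apk, make_vdex_019([crcs[0], 0])))  # stale second entry
```

A match only shows that the stored checksums agree with the APK; since they can be rewritten, as the script above does, it says nothing about whether the bytecode inside the Vdex corresponds to that APK.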

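### 3. tools/deodex/run.sh

Helper tool that decompiles (deodexes) Vdex resources back to standard Dex files in batch mode. The tool automatically handles CompactDex files (as introduced in Android Pie) and converts them back to StandardDex using the compact_dex_converter tool (more info here). Because the converter is compiled as part of the AOSP source code, the developer maintains a set of binaries for Linux and macOS for convenience.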

$ tools/deodex/run.sh -h
  Usage: run.sh [options]
    options:
      -i|--input <path> : Directory with Vdex files or single file
      -o|--output <dir> : Directory to save deodex'ed resources (default is '.')
      -k|--keep         : Keep intermediate files (default 'false')
      -h|--help         : This help message

$ tools/deodex/run.sh -i /tmp/vdex_samples -o /tmp/deodexed_samples
[INFO]: Processing 140 input Vdex files
[INFO]: 140 binaries have been successfully deodexed

Thanks to anestisb for developing and open-sourcing this tool. GitHub link: https://github.com/anestisb/vdexExtractor

Last modified: November 22, 2019, 11:12 AM