反编译与手机平板apk提取
目录
反编译与手机平板apk提取 反编译 下载 apktool.bat内容 apktool相关参数 操纵步骤: 1.把设备中的framework-res.apk提取出来 2.把framework-res.apk解析到对应文件夹 3.反编译apk 4.搞定 提取设备系统apk 用python写一个通用的apk提取代码
反编译与手机平板apk提取
仅用于安卓设备
反编译
本文只做介绍
下载
apktool官网: https://ibotpeaches.github.io/Apktool/install/ apktool官方下载地址: https://bitbucket.org/iBotPeaches/apktool/downloads/
apktool.bat内容
@echo off
set PATH=%CD%;%PATH%;
java -jar "%~dp0\apktool.jar" %1 %2 %3 %4 %5 %6 %7 %8 %9apktool相关参数
参数:
Apktool v2.5.0- a tool for reengineering Android apk files
with smali v2.4.0 and baksmali v2.4.0
Copyright 2010 Ryszard Wi?niewski <brut.alll@gmail.com>
Copyright 2010 Connor Tumbleson <connor.tumbleson@gmail.com>
usage: apktool
-advance,--advanced prints advance information.
-version,--version prints the version then exits
usage: apktool if|install-framework [options]<framework.apk>
-p,--frame-path <dir> Stores framework files into <dir>.
-t,--tag <tag> Tag frameworks using<tag>.
usage: apktool d[ecode][options]<file_apk>
-f,--force Force delete destination directory.
-o,--output <dir> The name of folder that gets written. Default is apk.out
-p,--frame-path <dir> Uses framework files located in<dir>.
-r,--no-res Do not decode resources.
-s,--no-src Do not decode sources.
-t,--frame-tag <tag> Uses framework files tagged by <tag>.
usage: apktool b[uild][options]<app_path>
-f,--force-all Skip changes detection and build all files.
-o,--output <dir> The name of apk that gets written. Default is dist/name.apk
-p,--frame-path <dir> Uses framework files located in<dir>.
For additional info, see: https://ibotpeaches.github.io/Apktool/
For smali/baksmali info, see: https://github.com/JesusFreke/smali操纵步骤:
1.把设备中的framework-res.apk提取出来
adb pull /system/framework/framework-res.apk2.把framework-res.apk解析到对应文件夹
apktool_2.5.0 if -p C:\Users\Lvan8\Desktop\temp framework-res.apkD:\G_Working\自动化小工具需求\性能工具\反编译工具\ApkToolBoxStudio_jb51\ApkToolBox Studio_v1.6.4\tool>apktool_2.5.0 if -p C:\Users\Lvan8\Desktop\temp framework-res.apk
I: Framework installed to: C:\Users\Lvan8\Desktop\temp\1.apk13.反编译apk
•1.d 就是将apk反编译成文件夹的形式
•2.-p 后面跟的就是上一个步骤中framework指定的地址
•3.-f 理解为强制的意思
•4.最后接需要反编译的文件的名字(我放在和apptool同一个目录下)
apktool_2.5.0.bat d -p C:\Users\Lvan8\Desktop\temp -f setting.apk反编译的时候想要放在别的目录下,需要加上 -o 参数 ,因为版本升级了
#把对应文件夹下面的apk反编译到主目录下的temp文件夹里面
#每次编译都会覆盖掉temp下面的所有内容
window_apk_path ='../resources/all_apk_files/IconPackCircularAndroidOverlay.apk'
save_path ='../temp/'
os.system(f'apktool_2.5.0.bat d -p {framework_path} -f {window_apk_path} -o {save_path}')apktool反编译时经常会出现下面的信息
1.Input file was not found or was not readable.
3.Exception in thread "main" brut.androlib.AndrolibException: Could not decode ars c fil..........
解决方案:
1和2是因为apktool升级到2.0以上时,使用方式已经替换,格式为:apktool d [-s] -f-o,参数具体的意思可以直接打apktool回车(windows)查看帮助
3是因为apktool版本过低导致,请升级到最新版本,地址:
https://bitbucket.org/iBotPeaches/apktool/downloads
4.搞定
D:\G_Working\自动化小工具需求\性能工具\反编译工具\ApkToolBoxStudio_jb51\ApkToolBox Studio_v1.6.4\tool>apktool_2.5.0.bat d -p C:\Users\Lvan8\Desktop\temp -f setting.apk I: Using Apktool 2.5.0 on setting.apk I: Loading resource table... I: Decoding AndroidManifest.xml with resources... I: Loading resource table from file: C:\Users\Lvan8\Desktop\temp\1.apk I: Regular manifest package... I: Decoding file-resources... I: Decoding values */* XMLs... I: Baksmaling classes.dex... I: Baksmaling classes2.dex... I: Copying assets and libs... I: Copying unknown files... I: Copying original files... D:\G_Working\自动化小工具需求\性能工具\反编译工具\ApkToolBoxStudio_jb51\ApkToolBox Studio_v1.6.4\tool> 15
完整得资源文件
提取设备系统apk
adb pull system/app test
adb pull system/priv-app test
adb pull data/app test#注解: /system/app 存放rom本身附带的软件即系统软件; /data/app 存放用户安装的软件; #注意: /system/priv-app/下的apk不用系统签名,就能够获取signatureOrSystem权限。 /system/app/下的apk,要获取signatureOrSystem权限,必须用系统签名才行。 /data/app下面的apk无法提取,需要把它复制到别的目录下,在下载到电脑 adb shell cp /data/app/com.xueqiu.android-TKqF3b6wXa1KQ3KyKK6o6Q==/base.apk /sdcard/temp123 #获取apk包名 aapt dump badging PartnerBookmarksProvider.apk #获取包名所在路径 adb shell pm path 包名
用python写一个通用的apk提取代码
import os
#获取apk的包名
import time
class Pull_apk():
def__init__(self,package_name,windows_apk_path):
"""
: package_name : apk的包名
: windows_apk_path : 指定电脑存储apk的路径
"""
self.get_package_name = package_name
self.self.windows_apk_path = windows_apk_path
def pull_select_apk(self):
#获取apk所在的路径
apk_path_cmdshow = os.popen(f"adb shell pm path {self.get_package_name}").read()
apk_path = apk_path_cmdshow.split(":")[1].strip()
apk_name = apk_path.split("/")[-1]
windows_apk_path =self.windows_apk_path
#尝试提取到windows系统,如果提取不了,则复制到设备的sdcard目录中,再提取到Windows
try:
msg = os.popen(f'adb pull {apk_path}{windows_apk_path} ').read()
print("----------------")
if"1 file pulled"in msg:
print("apk复制成功")
else:
#复制到sdcard目录下
os.system(f'adb shell cp {apk_path} /sdcard/')
time.sleep(3)
os.system(f'adb pull /sdcard/{apk_name}{windows_apk_path}')
print("else分支,apk复制成功")
exceptExceptionas e :
print(e)
return apk_name作者:梦无矶
博客链接:
https://blog.csdn.net/qq_46158060/article/details/115548687?spm=1001.2014.3001.5501
腾讯云开发者
