1) 不需要另外下载 baksmali-2.1.2.jar, apktool.jar 好像都包含了。
apktool d zhanqi.xxx.apk -o zhanqi
2) smalidea-0.03.zip 的 Android Studio插件装上之后,就可以调试 1) 生成的 smali 文件了
https://github.com/JesusFreke/smali/wiki/smalidea
- Manually disassemble an application using baksmali into a "src" subdirectory of a new project directory, e.g.
baksmali myapp.apk -o ~/projects/myapp/src - In IDEA, import a new project, and select the project directory. e.g.
~/projects/myapp - Use the "Create project from existing sources" option when importing the project
- Once the project has been created, right click on the src directory and select "Mark Directory As->Sources Root"
- Open the project settings and select/create an appropriate JDK
- Install/start the application on the device
- Run ddms, and select the application's process
- In IDEA, Create a new "Remote" debug configuration (Run->Edit Configurations), and change the debug port to 8700
- Run->Debug
- The application should pause if/when the breakpoint is hit, at which point you can single step, add watches, etc.
3)重新打包decomplie出来的smali
D:projandroid>apktool b zhanqi I: Using Apktool 2.1.1 I: Checking whether sources has changed... I: Smaling smali folder into classes.dex... I: Checking whether resources has changed... I: Building apk file... I: Copying unknown files/dir...
4)重新签名打包的apk 文件
a) 下载sign.jar 和 signapk.jar https://github.com/appium/sign
b) 会生成 .s.apk 文件
D:projandroid>java -jar sign.jar .zhanqidistzhanqi_v2_6_8.apk
D:projandroid>adb install .zhanqidistzhanqi_v2_6_8.s.apk
5)启动app时就截住断点的方法
.method protected onCreate(Landroid/os/Bundle;)V .locals 4 .prologue .line 66 invoke-static {}, Landroid/os/Debug;->waitForDebugger()V