Reverse engineer Android native code

Question

I am looking for an reverse engineering tool or a way to decompile the existing android native code to an human understandable format rather than Assembly language. Can anyone please suggest me as i need to unblock one of my priority task.

Thanks in advance.

Thanks Mialwl.. With hex-rays can we get op-codes for Android as well Though it is based on ARM. — msk, Dec 17 '13 at 09:16
That.. makes no sense. Hex-rays is a decompiler, it will give you C-like code (if it works). — fileoffset, Jan 17 '14 at 03:36
Does this answer your question? How do I reverse engineer .so files found in android APKs? — Andrew T., Oct 04 '21 at 14:29

mailwl · Answer 1 · 2013-12-16T10:49:39.090

6

ida pro + hexrays for arm.

IDAPro is best disassembler tool for many processors and file types. HexRays ARM - plugin for IDAPro (doesn't work separately), which trying to decompile assembler to C-like source code

both not free

https://www.hex-rays.com/index.shtml

edited Dec 16 '13 at 10:49

answered Dec 16 '13 at 05:30

mailwl

99
3

1

please improve your answer, with links and descriptions. – Ange Dec 16 '13 at 08:05

score 6 · Answer 2 · edited Jul 15 '14 at 09:45

6

Get the Android NDK and unzip. Use objdump as follows:

android-ndk-r9d\toolchains\arm-linux-androideabi-4.6\prebuilt\windows-x86_64\arm-linux-androideabi\bin\objdump.exe -d libinquestion_jni.so > libinquestion_jni.txt

While trying different disassemblers, I explored that they are not capable to decode every byte sequence, and even worse, they can decode in a wrong way making you wonder how does it ever work. Different ARMs have different instruction sets and use overlapping byte encodings for them. objdump from the Android NDK is a perfect match for CPUs used in Android products, and it's free.

edited Jul 15 '14 at 09:45

perror

19,083
29
87
150

answered Jul 15 '14 at 04:36

OCTAGRAM

161
1
2

is it possible to re-compile the output into ready .so file? – Arsen Zahray Nov 13 '14 at 15:03
Relative offsets cannot be distinguished from integers, so doing this will make little sense. You are either going to produce the same file or something that won't work because disassembler does not make task of making changes to compiled code sufficiently easier. I haven't estimated dump completely, but from what I see, it was not supposed to compile as is. Human readable annotation like "Disassembly of section .plt:" are not commented as they should be in real assembler sources. – OCTAGRAM Nov 14 '14 at 06:15

score 1 · Answer 3 · answered Dec 17 '13 at 20:34

1

The easiest way is to first transfer the APK into a jar file and then decompile the code using your favourite java decompiler (such as jd-gui).

dex2jar has everything you need to have a better representation of your Android application. There is even a user guide that explains exactly what you need to do.

answered Dec 17 '13 at 20:34

jiboutin

71
3

2

But the application what i am looking is native process, not the APK. The native process is developed in C++ – msk Dec 19 '13 at 02:30
Does dex2jar decompile native code? – IgorGanapolsky Nov 01 '16 at 14:57
dex2jar doesn't decompile native code. It only works for managed Java code. – Hao Nguyen Jun 07 '17 at 13:38

Reverse engineer Android native code

3 Answers3