smali / baksmali是一个汇编/反汇编器所使用的Dalvik,Android的Java虚拟机实现的DEX格式。语法是松散的基础上茉莉的/ dedexer的语法,并支持DEX格式的全部功能(注释,调试信息,线路信息等) 资料来源:

smali首页 | 卡利smali回购

  • 作者:本Gruver
  • 许可:BSD

    0x01 包含在smali包工具

    smali - 汇编了一套smali文件转换成一个DEX文件

    :~# smali --help
    usage: java -jar smali.jar [options] [--] [<smali-file>|folder]*
    assembles a set of smali files into a dex file
    -?,--help                      prints the help message then exits. Specify twice for debug options
    -a,--api-level <API_LEVEL>     The numeric api-level of the file to generate, e.g. 14 for ICS. If not
                                  specified, it defaults to 14 (ICS).
    -o,--output <FILE>             the name of the dex file that will be written. The default is out.dex
    -v,--version                   prints the version then exits
    -x,--allow-odex-instructions   allow odex instructions to be compiled into the dex file. Only a few
                                  instructions are supported - the ones that can exist in a dead code path and not
                                  cause dalvik to reject the class

    0x02 baksmali - 反汇编和/或转储DEX文件

    :~# baksmali --help
    usage: java -jar baksmali.jar [options] <dex-file>
    disassembles and/or dumps a dex file
    -?,--help                                  prints the help message then exits. Specify twice for debug options
    -a,--api-level <API_LEVEL>                 The numeric api-level of the file being disassembled. If not
                                              specified, it defaults to 14 (ICS).
    -b,--no-debug-info                         don't write out debug info (.local, .param, .line, etc.)
    -c,--bootclasspath <BOOTCLASSPATH>         the bootclasspath jars to use, for analysis. Defaults to
                                              core.jar:ext.jar:framework.jar:android.policy.jar:services.jar. If
                                              the value begins with a :, it will be appended to the default
                                              bootclasspath instead of replacing it
    -d,--bootclasspath-dir <DIR>               the base folder to look for the bootclasspath files in. Defaults to
                                              the current directory
    -f,--code-offsets                          add comments to the disassembly containing the code offset for each
    -l,--use-locals                            output the .locals directive with the number of non-parameter
                                              registers, rather than the .register directive with the total number
                                              of register
    -m,--no-accessor-comments                  don't output helper comments for synthetic accessors
    -o,--output <DIR>                          the directory where the disassembled files will be placed. The
                                              default is out
    -p,--no-parameter-registers                use the v<n> syntax instead of the p<n> syntax for registers mapped
                                              to method parameters
    -r,--register-info <REGISTER_INFO_TYPES>   print the specificed type(s) of register information for each
                                              instruction. "ARGS,DEST" is the default if no types are specified.
                                              Valid values are:
                                              ALL: all pre- and post-instruction registers.
                                              ALLPRE: all pre-instruction registers
                                              ALLPOST: all post-instruction registers
                                              ARGS: any pre-instruction registers used as arguments to the
                                              DEST: the post-instruction destination register, if any
                                              MERGE: Any pre-instruction register has been merged from more than 1
                                              different post-instruction register from its predecessors
                                              FULLMERGE: For each register that would be printed by MERGE, also
                                              show the incoming register types that were merged
    -s,--sequential-labels                     create label names using a sequential numbering scheme per label
                                              type, rather than using the bytecode address
    -v,--version                               prints the version then exits
    -x,--deodex                                deodex the given odex file. This option is ignored if the input file
                                              is not an odex file

    0x03 smali用法示例

    :~# coming soon


results matching ""

    No results matching ""