如何调试android应用程序的smali代码?
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/20879950/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
How to debug smali code of an android application?
提问by Dheeraj Kumar Chaudhary
I have a working android application. of which i dont have a source code. I would like to debug a functionality of this application. I could successfully reverse engineer this application apk file using apktool - https://code.google.com/p/android-apktool/This tool generates class files in smali format.
我有一个可用的 android 应用程序。其中我没有源代码。我想调试此应用程序的功能。我可以使用 apktool 成功地对该应用程序 apk 文件进行逆向工程 - https://code.google.com/p/android-apktool/该工具生成 smali 格式的类文件。
My requirement is :
我的要求是:
- To be able to debug a method by adding debug logs.
- To be able to debug method calls by printing a stack trace.
- 能够通过添加调试日志来调试方法。
- 能够通过打印堆栈跟踪来调试方法调用。
To achieve this I need to inject/insert smali equivalent of a debug log or stack trace. I tried adding some smali instruction at the start of one of the method but it crashed with ClassVerifyError.
为了实现这一点,我需要注入/插入相当于调试日志或堆栈跟踪的 smali。我尝试在其中一个方法的开头添加一些 smali 指令,但它因 ClassVerifyError 而崩溃。
Example smali code -
示例 smali 代码 -
.method public declared-synchronized b()V
.locals 2
.prologue
.line 87
monitor-enter p0
:try_start_0
iget-object v0, p0, Lcom/example/viewerlib/t/d;->a:Ljava/lang/Thread;
invoke-virtual {v0}, Ljava/lang/Thread;->isAlive()Z
:
:
Could someone help me out in adding smali debug logs. Thnx in advance.
有人可以帮我添加 smali 调试日志。提前谢谢。
回答by rajan goswami
1. Debug log in smali
1.smali调试登录
Debug log in smali. Say for example inside method test() you want to print "Inside Test()" debug log. At the start of method in smali add following instructions :
调试登录smali。例如,在方法 test() 中,您要打印“Inside Test()”调试日志。在 smali 方法的开头添加以下说明:
sget-object v0, Ljava/lang/System;->out:Ljava/io/PrintStream;
const-string v1, "Inside Test()"
invoke-virtual {v0, v1}, Ljava/io/PrintStream;->println(Ljava/lang/String;)V
Note -You need to be careful while using registers v0,v1 here. In code execution flow, you have to check that you are not using one of the register which is used later in the flow. Or you may get Exception.
注意 -在此处使用寄存器 v0,v1 时需要小心。在代码执行流程中,您必须检查您没有使用流程中稍后使用的寄存器之一。或者你可能会得到异常。
2. StackTrace
2. 堆栈跟踪
Here is the code of smali to print stacktrace of a method
这是 smali 的代码,用于打印方法的堆栈跟踪
Java code
Java代码
public static void printStackTraces() {
StackTraceElement[] stackTraceElements = Thread.currentThread().getStackTrace();
for (StackTraceElement element : stackTraceElements) {
System.out.println("Class name :: " + element.getClassName() + " || method name :: " + element.getMethodName());
}
}
And equivalent smali code is
等效的 smali 代码是
.method public static printStackTraces()V
.locals 7
.prologue
.line 74
invoke-static {}, Ljava/lang/Thread;->currentThread()Ljava/lang/Thread;
move-result-object v2
invoke-virtual {v2}, Ljava/lang/Thread;->getStackTrace()[Ljava/lang/StackTraceElement;
move-result-object v1
.line 75
.local v1, stackTraceElements:[Ljava/lang/StackTraceElement;
array-length v3, v1
const/4 v2, 0x0
:goto_0
if-lt v2, v3, :cond_0
.line 78
return-void
.line 75
:cond_0
aget-object v0, v1, v2
.line 76
.local v0, element:Ljava/lang/StackTraceElement;
sget-object v4, Ljava/lang/System;->out:Ljava/io/PrintStream;
new-instance v5, Ljava/lang/StringBuilder;
const-string v6, "Class name :: "
invoke-direct {v5, v6}, Ljava/lang/StringBuilder;-><init>(Ljava/lang/String;)V
invoke-virtual {v0}, Ljava/lang/StackTraceElement;->getClassName()Ljava/lang/String;
move-result-object v6
invoke-virtual {v5, v6}, Ljava/lang/StringBuilder;->append(Ljava/lang/String;)Ljava/lang/StringBuilder;
move-result-object v5
const-string v6, " || method name :: "
invoke-virtual {v5, v6}, Ljava/lang/StringBuilder;->append(Ljava/lang/String;)Ljava/lang/StringBuilder;
move-result-object v5
invoke-virtual {v0}, Ljava/lang/StackTraceElement;->getMethodName()Ljava/lang/String;
move-result-object v6
invoke-virtual {v5, v6}, Ljava/lang/StringBuilder;->append(Ljava/lang/String;)Ljava/lang/StringBuilder;
move-result-object v5
invoke-virtual {v5}, Ljava/lang/StringBuilder;->toString()Ljava/lang/String;
move-result-object v5
invoke-virtual {v4, v5}, Ljava/io/PrintStream;->println(Ljava/lang/String;)V
.line 75
add-int/lit8 v2, v2, 0x1
goto :goto_0
.end method
Add this method into any smali file. And call as
将此方法添加到任何 smali 文件中。并称为
(Assuming you added above smali code into com.example.pakagename.ClassName)
(假设您将上述 smali 代码添加到 com.example.pakagename.ClassName 中)
invoke-static {}, Lcom/example/packagename/ClassName;->printStackTraces()V
Hope this helps .....
希望这可以帮助 .....
回答by marcinj
I suggest using apkanalyzer from sony:
我建议使用索尼的 apkanalyzer:
https://github.com/sonyxperiadev/ApkAnalyser
https://github.com/sonyxperiadev/ApkAnalyser
it allows you to decompile apk-s and read smali code, insert print statements into various places. There is menu option: "Print custom log", you can also print stacktrace, and do lots of other things. After all the changes you just press Device->Install and start apk. All from GUI.
它允许您反编译 apk-s 并读取 smali 代码,将打印语句插入到各个位置。有菜单选项:“打印自定义日志”,您还可以打印堆栈跟踪,以及做很多其他事情。完成所有更改后,您只需按 Device->Install 并启动 apk。全部来自 GUI。
回答by Owehbeh
hey I was thinking that You might find this tool helpful
嘿,我在想你可能会发现这个工具有帮助
it decompiles any apk file to a java written code classes
它将任何 apk 文件反编译为 Java 编写的代码类
check this link and give it a try
检查此链接并尝试一下
回答by ASD
Sorry to point out that apkanalyzer is a ststic analyser For understanding and editing smali code, try the following
抱歉指出 apkanalyzer 是一个 ststic 分析器为了理解和编辑 smali 代码,请尝试以下操作
http://themasterofmagik.wordpress.com/2014/03/08/decompilerecompile-an-apk-basic-editing/
http://themasterofmagik.wordpress.com/2014/03/08/decompilerecompile-an-apk-basic-editing/
It explains editing in various scenarios. What tool to use and when.
它解释了在各种情况下的编辑。使用什么工具以及何时使用。
Different approaches to Decompile/Recompile an apk
反编译/重新编译 apk 的不同方法
a. apk
1. apktool + Notepad++
2. Virtuous Ten Studio
3. AndroChef Java Decompiler
b. classes.dex
1. smali/baksmali
2. dex2jar + JD-GUI
回答by Fenil
I tried using smalidea plugin but could not get it working so tried with different approach stated below.
我尝试使用 smalidea 插件,但无法使其正常工作,因此尝试使用下面所述的不同方法。
There is an option in Android Studio 3.1.2, Go to File -> Select Profile or Analyze Apk option. It will then decompile the Apk in classes.dex file and out file which will have smali files. You can then Rus As-> Debug option and put breakpoint in any smali files an it will stop at specified breakpoint. This works only if you have single dex file in your application. There is however an work around for multi dex application in which you need to follow below steps -
Android Studio 3.1.2 中有一个选项,转到文件 -> 选择配置文件或分析 Apk 选项。然后它将在 classes.dex 文件和 out 文件中反编译 Apk,该文件将包含 smali 文件。然后,您可以使用 Rus As-> Debug 选项并将断点放在任何 smali 文件中,它会在指定的断点处停止。这仅在您的应用程序中有单个 dex 文件时才有效。然而,多 dex 应用程序有一个解决方法,您需要按照以下步骤操作 -
1) Download Apktool tool from here
1) 从这里下载 Apktool 工具
2) Decompile the Apk using -> apktool d
2) 使用 -> apktool d 反编译 Apk
3) Copy all the smali files generated above in multiple folders - smali, smali_classess2, smali_classes3 and so on into the out folder created from Android Studio -> Analyze Apk method earlier, so that all the smali files are in single folder
3) 将上面生成的多个文件夹中的smali文件——smali、smali_classess2、smali_classes3等全部复制到Android Studio创建的out文件夹中——> 前面分析Apk方法,使所有smali文件都在一个文件夹中
4) This step I am not sure if it is required, but I had followed this, feel free to verify this step. Here you again build the Apk using apktool using folder created in step 2 using command -> apktool b . This will generate all the .dex files and copy all the files in the same location where single classes.dex file was generated using Analyze Apk method earlier.
4)这一步我不确定是否需要,但我已经遵循了这个,请随时验证这一步。在这里,您再次使用 apktool 使用在步骤 2 中创建的文件夹使用 command -> apktool b 构建 Apk。这将生成所有 .dex 文件并将所有文件复制到之前使用分析 Apk 方法生成单个 classes.dex 文件的同一位置。
5) Now use the same Project created using Analyze Apk method and you are good to debug.
5) 现在使用使用分析 Apk 方法创建的相同项目,您可以进行调试。
P.S. - Android studio will complain of debugging using Java code but this method will work. This method is only helpful if you are editing any smali file and you want to debug it.
PS - Android Studio 会抱怨使用 Java 代码进行调试,但此方法有效。此方法仅在您正在编辑任何 smali 文件并希望对其进行调试时有用。
