android平台下，apk、jar、dex、odex、vdex、art文件相互转换，编译和反编译

apk、jar、dex、odex、vdex相互转换

1. ? to jar
1.1 odex to jar
1.2 dex to jar
1.3 apk to jar
输出结果可能有损
1)、用jadx工具将dex反编译出jar
2)、用dex2jar工具，反编译出jar，如果报错修改dex2jar工具源码
3)、odex to dex，然后执行1)2)

2. ? to dex
2.1 o/vdex to dex | dex to o/vdex
2.2 apk to dex
2.3 jar to dex 
输出结果无损
1)、用odex2dex工具
2)、从apk解压出dex
3)、用dx工具
D:\Android\sdk\platform-tools\***Fm\os-framework>D:\Android\sdk\build-tools\27.0.2\dx --dex --output=target.jar os-framework_org.jar

3. ? to apk
3.1 jar to apk
输出结果无损
将jar导入空工程，重新编译生成apk

3.2 dex to apk
输出结果可能有损
1)、dex to jar后，将jar导入空工程，重新编译生成apk；从apk中取出dex，替换到原来的apk中
2)、dex to jar后，修改jar源码，生成jar，用dx命令重新编译出dex

3.3 odex/vdex to apk
输出结果可能有损
1)、odex/vdex to dex
2)、dex to jar
3)、jar to apk

4. ? to odex
4.1 apk to odex/vdex
4.2 jar to odex/vdex
4.3 dex to odex/vdex
输出结果无损
1、apk安装方式
1)、用空工程集成jar源码，生成apk
2)、在真机上安装apk
3)、拉出odex和vdex文件
2、使用dex2odex工具
 

附逆向工具网站：

X:\Android\sdk\build-tools\**.*.*\dx.bat

phone: /system/framework/dex2oat 等等

https://chocolatey.org/packages/jadx/

https://github.com/anestisb/vdexExtractor

https://github.com/pxb1988/dex2jar

https://github.com/testwhat/SmaliEx

https://github.com/JesusFreke/smali

https://bitbucket.org/JesusFreke/smali/downloads/

https://github.com/rover12421/ShakaApktool

https://github.com/search?q=odex2dex

附逆向工具解析：

1、apktool（解包apk，打包apk）

解包apk
   apktool d[ecode] [options] <file_apk>
打包apk
   apktool b[uild] [options] <app_path>
安装framework资源
apktool if|install-framework [options] <framework-res.apk>

工具说明：
Apktool v2.2.0 - a tool for reengineering Android apk files
with smali v2.1.3 and baksmali v2.1.3

 -advance,--advanced   prints advance information.
 -version,--version         prints the version then exits

usage: apktool if|install-framework [options] <framework.apk>
 -p,--frame-path <dir>   Stores framework files into <dir>.
 -t,--tag <tag>               Tag frameworks using <tag>.

usage: apktool d[ecode] [options] <file_apk>
 -f,--force                       Force delete destination directory.
 -o,--output <dir>           The name of folder that gets written. Default is apk.out
 -p,--frame-path <dir>   Uses framework files located in <dir>.
 -r,--no-res                    Do not decode resources.
 -s,--no-src                    Do not decode sources.
 -t,--frame-tag <tag>     Uses framework files tagged by <tag>.

usage: apktool b[uild] [options] <app_path>
 -f,--force-all                 Skip changes detection and build all files.
 -o,--output <dir>          The name of apk that gets written. Default is dist/name.apk
 -p,--frame-path <dir>   Uses framework files located in <dir>.
使用命令示例：
 apktool.bat if framework-res\framework-res.apk -p .
 apktool.bat d -f Settings.apk -p ..\..\framework
 apktool.bat d -f system\priv-app\Settings\Settings.apk
 
2、smali/baksmali（apktool利用该工具来反编译/打包dex文件）
 反编译jar/apk中的dex文件
  java -Xmx1024M -jar baksmali.jar -l -o out x.jar
合成smali文件为dex文件
  java –Xmx1024M -jar smali.jar -o "out\classes.dex" out

3、jd-gui (java 字节码反编译器: .class -> .java)

4、jadx (dex/apk 反编译器: apk/jar -> java)

5、deodex

SVADeodexer (art .oat)
解包odex，重新打包成dex，生成deodexed后的apk/jar
示例：
如何使用SVADeodexer deodex一个 rom 或者 手机？
adb pull /system/framework 
adb pull /system/app
adb pull /system/priv-app
adb pull /system/build.prop

6、oatdump（分析oat文件）
oatdump 
--list-methods --method-filter=getElem 
--class-filter=com.qiku.android.server.systeminterface.util.SystemUtil 
--oat-file=/data/dalvik-cache/arm64/system@[email protected]
使用说明：
Usage: oatdump [options] ...
    Example: oatdump --image=$ANDROID_PRODUCT_OUT/system/framework/boot.art
    Example: adb shell oatdump --image=/system/framework/boot.art
--list-classes may be used to list target file classes (can be used with filters).
      Example: --list-classes
      Example: --list-classes --class-filter=com.example.foo

  --list-methods may be used to list target file methods (can be used with filters).
      Example: --list-methods
      Example: --list-methods --class-filter=com.example --method-filter=foo

  --class-filter=<class name>: only dumps classes that contain the filter.
      Example: --class-filter=com.example.foo

  --method-filter=<method name>: only dumps methods that contain the filter.
      Example: --method-filter=foo

  --export-dex-to=<directory>: may be used to export oat embedded dex files.
      Example: --export-dex-to=/data/local/tmp

  --addr2instr=<address>: output matching method disassembled code from relative
                          address (e.g. PC from crash dump)
      Example: --addr2instr=0x00001a3b
      Example: --no-dump:vmap

  --no-disassemble may be used to disable disassembly.
      Example: --no-disassemble

      Native code disassembling
      IDA (Commercial : 2350$ ~ 3525$)
objdump (free, prebuit in Android NDK)
64bit:  aarch64-linux-android-objdump
  ${ndk}\toolchains\aarch64-linux-android-4.9\prebuilt\windows-x86_64\bin

32bit : arm-linux-androideabi-objdump
${ndk}\toolchains\arm-linux-androideabi-4.9\prebuilt\windows-x86_64\bin