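While analyzing an APK, I found that it decompiled normally, yielding all of the smali code and XML files.
I then used dex2jar to convert the dex into a jar to make the reverse-engineering analysis easier to read, but it failed with the following exception:
com.googlecode.dex2jar.DexException: while accept method:[La/a/a;.bc()Ljava/lang/String;]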
at com.googlecode.dex2jar.reader.DexFileReader.acceptMethod(DexFileReader.java:694)
at com.googlecode.dex2jar.reader.DexFileReader.acceptClass(DexFileReader.java:441)
at com.googlecode.dex2jar.reader.DexFileReader.accept(DexFileReader.java:323)
at com.googlecode.dex2jar.v3.Dex2jar.doTranslate(Dex2jar.java:85)
at com.googlecode.dex2jar.v3.Dex2jar.to(Dex2jar.java:261)
at com.googlecode.dex2jar.v3.Dex2jar.to(Dex2jar.java:252)
at com.googlecode.dex2jar.v3.Main.doData(Main.java:43)
at com.googlecode.dex2jar.v3.Main.doData(Main.java:35)
at com.googlecode.dex2jar.v3.Main.doFile(Main.java:63)
at com.googlecode.dex2jar.v3.Main.main(Main.java:86)
Caused by: com.googlecode.dex2jar.DexException: while accept code in method:[La/a/a;.bc()Ljava/lang/String;]
at com.googlecode.dex2jar.reader.DexFileReader.acceptMethod(DexFileReader.java:684)
... 9 more
Caused by: java.lang.IllegalArgumentException: Id out of bound
at com.googlecode.dex2jar.reader.DexFileReader.getType(DexFileReader.java:556)
at com.googlecode.dex2jar.reader.DexOpcodeAdapter.x2c(DexOpcodeAdapter.java:356)
at com.googlecode.dex2jar.reader.DexCodeReader.acceptInsn(DexCodeReader.java:656)
at com.googlecode.dex2jar.reader.DexCodeReader.accept(DexCodeReader.java:337)
at com.googlecode.dex2jar.reader.DexFileReader.acceptMethod(DexFileReader.java:682)
... 9 more
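These all look like exceptions inside the dex2jar tool's own code, but look closely at the first line of the message: it names the method that failed. The smali for that method is: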
# virtual methods
.method public bc()Ljava/lang/String;
.locals 6
.prologue
.line 5
#unknown opcode: 0xff
nop
:cond_0
if-le v1, v4, :cond_0
.line 6
.local v2, "cca":Ljava/lang/String;
...
Note the first line of the method body:
#unknown opcode: 0xff
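So this is the APK protection method described on Kanxue: http://bbs.pediy.com/showthread.php?t=177114
Invalid code has been inserted into the method, which causes dex2jar to fail while parsing it.
1. Next, I simply deleted this line.
2. Then I reassembled the smali back into a dex.
3. Then I tried dex2jar again, and this time it produced a normal jar whose Java code can be viewed in jd-gui or Luyten.
This gives the reverse-engineering analysis more direct reference code. If you run into this kind of parsing error, this method is worth trying. Original post: http://blog.csdn.net/zhuobattle/article/details/38982891
Notes: 1. Use different tools, preferably command-line ones, to obtain the error messages. 2. When reading an error message, make sure to pick out the key class and information, which usually appear on the first line.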
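To locate every affected method before rebuilding, the following sketch extracts the failing method from the dex2jar message and scans baksmali output for the unknown-opcode comment. It is an added example, not code from the original post or from dex2jar or baksmali; the function names are hypothetical, and the sample is constructed from the excerpt above with an assumed .class header and .end method line.

```python
import re

# dex2jar names the failing method as [<class descriptor>.<name><proto>]
DEX2JAR_METHOD = re.compile(r"while accept method:\[(L[^;]+;)\.([^\]]+)\]")
# baksmali leaves this comment where it could not decode an instruction
UNKNOWN_OPCODE = re.compile(r"^\s*#\s*unknown opcode:\s*(0x[0-9a-fA-F]+)")

def failing_method(trace):
    """Return (class descriptor, method signature) from a dex2jar trace, or None."""
    m = DEX2JAR_METHOD.search(trace)
    return (m.group(1), m.group(2)) if m else None

def scan_smali(text):
    """Return [(class, method, line number, opcode)] for each unknown-opcode marker."""
    cls, method, hits = None, None, []
    for no, line in enumerate(text.splitlines(), 1):
        s = line.strip()
        if s.startswith(".class"):
            cls = s.split()[-1]
        elif s.startswith(".method"):
            method = s.split()[-1]
        elif s.startswith(".end method"):
            method = None
        else:
            m = UNKNOWN_OPCODE.match(line)
            if m:
                hits.append((cls, method, no, m.group(1).lower()))
    return hits

# Constructed sample: the post's excerpt plus an assumed .class header and .end method
SAMPLE_SMALI = """\
.class public La/a/a;
.super Ljava/lang/Object;

# virtual methods
.method public bc()Ljava/lang/String;
    .locals 6
    .prologue
    .line 5
    #unknown opcode: 0xff
    nop
    :cond_0
    if-le v1, v4, :cond_0
.end method
"""
SAMPLE_TRACE = ("com.googlecode.dex2jar.DexException: "
                "while accept method:[La/a/a;.bc()Ljava/lang/String;]")

if __name__ == "__main__":
    print("dex2jar failed in:", failing_method(SAMPLE_TRACE))
    for hit in scan_smali(SAMPLE_SMALI):
        print("unknown opcode at", hit)
```

Matching the class and method reported by dex2jar against the scan results confirms that the marker sits in the method the converter rejected.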