Home

Awesome

Dexer

Build status NuGet

Dexer is an open source framework, written in C#, that reads and writes .DEX files (Dalvik Executable Format) used by the Android Open Source Project.

Usage:

Let's work on the following Android application:

package dexer.poc;
 
import android.app.Activity;
import android.os.Bundle;
 
public class MainActivity extends Activity {
 
        @Override
        public void onCreate(Bundle savedInstanceState) {
                super.onCreate(savedInstanceState);
                setContentView(R.layout.main);
       
                int a = 4;
                int b = 5;
                int result = a*b;
       
                setTitle("This demo rocks: " + result);
        }
}

image

And here is the code of the main method using the Dexer object model: image

Now let’s go back to C# to play a little with this application by changing a string constant and an opcode (adding instead of multiplying):

using System;
using Dexer.Core;
using Dexer.Instructions;
 
namespace Dexer.Debug
{
    class Program
    {
        static void Main(string[] args)
        {
            Dex dex = Dex.Load("classes.dex");
            MethodDefinition method = dex.GetClass("dexer.poc.MainActivity").GetMethod("onCreate");
 
            method.Body.Instructions[5].OpCode = OpCodes.Add_int;
            method.Body.Instructions[7].Operand = "Dexer rocks! ";
 
            dex.Write("output.dex");
            Console.ReadLine();
        }
    }
}

image

Here is the result:

image

Now let’s call a method to change the title color:

using System;
using Dexer.Core;
using Dexer.Instructions;
 
namespace Dexer.Debug
{
    class Program
    {
        static void Main(string[] args)
        {
            Dex dex = Dex.Load("classes.dex");
            MethodDefinition method = dex.GetClass("dexer.poc.MainActivity").GetMethod("onCreate");
 
            method.Body.Instructions[5].OpCode = OpCodes.Add_int;
            method.Body.Instructions[7].Operand = "Dexer rocks! ";
 
            int color; unchecked { color = (int)0xFFFF00FF; }
 
            // Declare a new method reference with prototype
            Prototype prototype = new Prototype(PrimitiveType.Void, new Parameter(PrimitiveType.Int));
            MethodReference setTitleColor = dex.Import(new MethodReference(method.Owner, "setTitleColor", prototype));
 
            // Load the color in a register (n°1) then invoke the method (register n°5 is 'this' in our case)
            var regs = method.Body.Registers;
            Instruction iconst = new Instruction(OpCodes.Const, color, regs[1]);
            method.Body.Instructions.Insert(14, iconst);
 
            Instruction iinvoke = new Instruction(OpCodes.Invoke_virtual, setTitleColor, regs[5], regs[1]);
            method.Body.Instructions.Insert(15, iinvoke);
 
            dex.Write("output.dex");
            Console.ReadLine();
        }
    }
}

image

Here is the result:

image

As you can see, altering DEX files is quite easy with Dexer. In order to rebuild APK packages, I’ve used ApkTool and JarSigner (with the default debug key generated by the Android SDK).

apktool d -s -f DexerPOC.apk output
I: Copying raw classes.dex file...
I: Loading resource table...
I: Decoding resources...
I: Copying assets and libs...

apktool b output DexerPOC.new.apk
I: Copying classes.dex file...
I: Checking whether resources has changed...
I: Building resources...
I: Building apk file...

jarsigner -keystore .\.android\debug.keystore -storepass android -keypass android DexerPOC.new.apk androiddebugkey

adb install DexerPOC.new.apk
586 KB/s (12609 bytes in 0.021s)
        pkg: /data/local/tmp/DexerPOC.new.apk
Success.