Frida-dexdump使用

配置PC端

pip install frida-dexdump  # 安装 frida-dexdump;默认会安装最新版,请注意查看所安装的 frida 版本,设备端 frida-server 的版本应与之一致

配置客户端

frida GitHub地址:https://github.com/frida/frida/releases  # 注意要下载 server 版本(frida-server),并选择与设备 CPU 架构对应的文件
adb push frida-server /data/local/tmp  #将文件push到虚拟机
adb shell
cd /data/local/tmp  
chmod 777 frida-server # 赋予执行权限(只需要可执行权限,chmod 755 已足够,不必对所有用户开放写权限)
./frida-server #启动服务

开始dump操作

frida-dexdump -U -f 包名

对dex文件操作


# 这个脚本用于对 dex 文件进行合并并反编译,只需修改三个参数:dex 目录、输出目录、jadx 可执行文件的路径
import subprocess
import os

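def merge_dex_files(dex_directory, output_dir, jadx_path):
    """Decompile every ``.dex`` file in *dex_directory* with a single jadx run.

    All DEX files are passed to one jadx invocation so that the decompiled
    sources end up together in *output_dir*. Every problem is reported on
    stdout; the function returns ``None`` in all cases.

    Args:
        dex_directory: Directory holding the dumped ``.dex`` files.
        output_dir: Directory for the decompiled output; created if missing.
        jadx_path: Path to the jadx executable.
    """
    # isdir() rather than exists(): a plain file would pass exists() and then
    # make os.listdir() raise NotADirectoryError.
    if not os.path.isdir(dex_directory):
        print(f"The directory {dex_directory} does not exist.")
        return

    # exist_ok avoids the check-then-create race of a separate exists() test.
    os.makedirs(output_dir, exist_ok=True)

    # Sorted so the argument order is the same on every run; isfile() skips
    # sub-directories that merely happen to be named "*.dex".
    dex_files = [
        candidate
        for candidate in (
            os.path.join(dex_directory, name)
            for name in sorted(os.listdir(dex_directory))
            if name.endswith('.dex')
        )
        if os.path.isfile(candidate)
    ]

    if not dex_files:
        print("No DEX files found in the directory.")
        return

    # The command is an argument list and no shell is involved, so characters
    # in the dumped file names are never interpreted by a shell.
    jadx_command = [jadx_path, '-d', output_dir, *dex_files]
    print(f"Running command: {' '.join(jadx_command)}")

    try:
        result = subprocess.run(jadx_command, capture_output=True, text=True)
    except OSError as e:
        # jadx_path is missing or not executable: report it the same way as
        # a failed run instead of aborting with a traceback.
        print("Error during merging and decompiling DEX files:", e)
        return

    print("Output:\n", result.stdout)
    print("Error Output:\n", result.stderr)

    try:
        # Raises CalledProcessError when jadx exited with a non-zero status.
        result.check_returncode()
    except subprocess.CalledProcessError as e:
        print("Error during merging and decompiling DEX files:", e)
        print("Output:", e.output)
        print("Error Output:", e.stderr)
        return

    print("DEX files successfully merged and decompiled into:", output_dir)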

if __name__ == "__main__":
    # Adjust the three paths below to your own machine before running.

    # Folder that holds the dumped DEX files.
    dex_directory = "/Users/liu/Desktop/liuheyi/com.google.android.apps.maps-server_recovery_process_scheduled/"
    # Folder that receives the merged, decompiled sources.
    output_dir = "/Users/liu/Desktop/output/Dex-aijiami"
    # Location of the jadx executable.
    jadx_path = "/Users/liu/Desktop/liuheyi/jadx-master/build/jadx/bin/jadx"

    # Hand every DEX file to jadx in one run.
    merge_dex_files(
        dex_directory=dex_directory,
        output_dir=output_dir,
        jadx_path=jadx_path,
    )

dump 出来的 Dex 文件会有很多,但大多是体积很小的壳文件。找出其中比较大的文件,再用 jadx 反编译,就可以查看大部分 Java 代码;如果只想看目录结构,可以使用 Android Studio。