Building DEX files from the command line

Hello everyone, it's great to have you back for our latest article. In our previous session, we uncovered the process behind the scenes that leads to the creation of APK files. Today, we're diving deeper into an intriguing topic – “the generation of DEX files using command line techniques”.


DEX files hold a pivotal role within an Android app. They possess immense value for not only developers but also for individuals engaged in security assessments like attackers or penetration testers.


 In our journey of Reverse Engineering, we frequently encounter DEX files. To demystify this crucial aspect, let's explore how these DEX files are actually crafted during the app development process. And here's the exciting part – we'll perform this exploration through command-line operations. By doing so, we'll gain a more comprehensive understanding as we meticulously dissect each step.

To provide a visual overview, take a glance at the diagram. It outlines the high-level process through which ".dex" files come into existence:

Let's kick off by crafting a basic Java program to initiate the process. 

Here is the Java code snippet that accomplishes a simple task and displays the phrase "Welcome to Android Penetration Testing" on the console:

public class AndroidPentest {
    public static void main(String[] args) {
        System.out.println("Welcome to Android Penetration Testing");
    }
}

Make sure to save this code snippet as a file named "AndroidPentest.java". This is our starting point as we journey into the process.

Now, let's proceed with compiling the Java file:

However, it's crucial to keep in mind what I've mentioned earlier, "avoid using the latest Java Compiler". This is because, using a higher version of the JDK, could lead to creating a “.class” file that's incompatible when compiling a DEX file.


Recap: Setting Up Android Penetration Testing Environment

This article provides a recap of the steps and instructions for setting up an Android penetration testing environment. It covers the essential aspects of preparing your system for Android security testing and assessment.


The initial compilation process for Java code intended for Android closely resembles that of traditional Java files. We'll utilize the javac compiler. To compile the Java file, execute the command javac, and then mention the filename.

┌──(kali㉿kali)-[~]
└─$ ls
AndroidPentest.java
  
┌──(kali㉿kali)-[~]
└─$ javac AndroidPentest.java
    
┌──(kali㉿kali)-[~]
└─$ ls                       
AndroidPentest.class  AndroidPentest.java  
     
┌──(kali㉿kali)-[~]
└─$

Once this step is complete, you'll have a ".class" file ready. These class files usually contain standard JVM bytecodes. To give you a glimpse, here's a section that reveals the disassembled structure of our ongoing class file.

To run these class files, you can use the "java" command followed by the classname. This will let you directly experience their functionality.

┌──(kali㉿kali)-[~]
└─$ ls                       
AndroidPentest.class  AndroidPentest.java 
  
┌──(kali㉿kali)-[~]
└─$ java AndroidPentest      
Welcome to Android Penetration Testing
                                                          
┌──(kali㉿kali)-[~]
└─$

As demonstrated, you'll witness the output, "Welcome to Android Penetration Testing," displayed in the output console.

However, it's important to note that this class file can't be executed directly on an Android device. This is because, Android has its own distinct bytecode format known as, Dalvik. This format consists of machine-code instructions specifically designed for Android.

Hence, the next phase involves converting this class file into a DEX file format. For this, we'll employ the d8 tool, which can be found in the build tools directory of your Android SDK path.

Before running the d8 tool, we need to compress the class file. Use the "zip" command to compress the class file.

┌──(kali㉿kali)-[~]
└─$ zip AndroidPentest.zip AndroidPentest.class
  adding: AndroidPentest.class (deflated 33%)
         
┌──(kali㉿kali)-[~]
└─$

To generate the DEX file from the aforementioned class file, open a new terminal within the build tools directory and execute the following command in the terminal.

┌──(kali㉿kali)-[/opt/android-sdk/build-tools/30.0.3]
└─$ ./d8 /home/kali/AndroidPentest.zip --output /home/kali/AndroidPentest.zip

┌──(kali㉿kali)-[/opt/android-sdk/build-tools/30.0.3]
└─$ 

After running this command, you should unzip the resulting output to access the generated DEX file. 

┌──(kali㉿kali)-[~]
└─$ unzip AndroidPentest.zip
Archive:  AndroidPentest.zip
  inflating: classes.dex             
                                                                                                                                 
┌──(kali㉿kali)-[~]
└─$ ls
AndroidPentest.class     AndroidPentest.zip    AndroidPentest.java     classes.dex

If you open this file using a text editor like Mousepad, you'll encounter the contents in an encrypted text format.

┌──(kali㉿kali)-[~]
└─$ mousepad classes.dex

With our preparations complete, we can proceed to execute this file on the Android emulator. Let's place this file into the /data/local/tmp/ directory, and run it there.

To transfer the file onto the emulator, use the command: 

┌──(kali㉿kali)-[~]
└─$ adb push classes.dex /data/local/tmp       
classes.dex: 1 file pushed, 0 skipped. 1.4 MB/s (888 bytes in 0.001s)
                            
┌──(kali㉿kali)-[~]
└─$ 

As you can see, the file has been successfully transferred to the device. This file can be executed using "dalvikvm" from the command line. To execute the file, run: 

┌──(kali㉿kali)-[~]
└─$ adb shell dalvikvm -cp /data/local/tmp/classes.dex AndroidPentest
Welcome to Android Penetration Testing
                        
┌──(kali㉿kali)-[~]
└─$ 

These steps encompass the entire process of building DEX files from the command line.

In our upcoming article, we will delve into fundamental concepts that drive the Android ecosystem. Our topics will include comprehending the Zygote process, the mechanism governing app initiation on Android, and demystifying terms like Garbage Collection, ART (Android Runtime), Android JIT, JIT Compilation, and Dalvik VM.


Fundamental Concepts That Power Android App Development

This article delves into the fundamental concepts that power Android app development. Understanding these core concepts is essential for anyone looking to build Android applications effectively and efficiently.


If you have any doubts or queries, please feel free to leave them in the comment section. Your feedback is valuable to us.

Post a Comment

0 Comments
* Please Don't Spam Here. All the Comments are Reviewed by Admin.

#buttons=(Ok, Go it!) #days=(20)

Our website uses cookies to enhance your experience. Learn More
Ok, Go it!