enjarify 8.6 0.0 L5 Python Enjarify is a tool for translating Dalvik bytecode to equivalent Java bytecode. This allows Java analysis tools to analyze Android applications.

Hi, I'm a package maintainer and while building enjarify in a CI to early catch problems I have detected that the test2 is failing. Python version: 3.5.2 commit: 2a94b403259e9e432fbd9607926db50286de6bc5 log:

==> Starting check()...
running test test1
running test test2
Traceback (most recent call last):
  File "/usr/lib/python3.5/runpy.py", line 184, in _run_module_as_main
    "__main__", mod_spec)
  File "/usr/lib/python3.5/runpy.py", line 85, in _run_code
    exec(code, run_globals)
  File "/build/enjarify-git/src/enjarify-git/enjarify/runtests.py", line 46, in <module>
    executeTest('test{}'.format(i), opts)
  File "/build/enjarify-git/src/enjarify-git/enjarify/runtests.py", line 40, in executeTest
    assert result == expected
AssertionError
==> ERROR: A failure occurred in check().
    Aborting...
==> ERROR: Build failed

Traceback:

com/rise/app/wallet/application/RisingApp.class Traceback (most recent call last):
  File "~/Programs/enjarify/enjarify/main.py", line 38, in translate
    class_data = writeclass.toClassFile(cls, opts)
  File "~/Programs/enjarify/enjarify/jvm/writeclass.py", line 116, in toClassFile
    pool, rest_stream = classFileAfterPool(cls, opts=opts)
  File "~/Programs/enjarify/enjarify/jvm/writeclass.py", line 100, in classFileAfterPool
    writeMethods(pool, stream, cls.data.methods, opts=opts)
  File "~/Programs/enjarify/enjarify/jvm/writeclass.py", line 65, in writeMethods
    code_attrs = writebytecode.finishCodeAttrs(pool, code_irs, opts=opts)
  File "~/Programs/enjarify/enjarify/jvm/writebytecode.py", line 75, in finishCodeAttrs
    return {irdata.method: writeCodeAttributeTail(pool, irdata, opts=opts) for irdata in code_irs}
  File "~/Programs/enjarify/enjarify/jvm/writebytecode.py", line 75, in <dictcomp>
    return {irdata.method: writeCodeAttributeTail(pool, irdata, opts=opts) for irdata in code_irs}
  File "~/Programs/enjarify/enjarify/jvm/writebytecode.py", line 80, in writeCodeAttributeTail
    bytecode, excepts = jumps.createBytecode(irdata)
  File "~/Programs/enjarify/enjarify/jvm/optimization/jumps.py", line 84, in createBytecode
    packed_excepts.append(struct.pack('>HHHH', s_off, e_off, h_off, c))
struct.error: 'H' format requires 0 <= number <= 65535

Looks like s_off, e_off and h_off can be greater than 65k when a DEX file is large enough.

I tried the following fix and it worked:

    try:
        packed_excepts.append(struct.pack('>HHHH', s_off, e_off, h_off, c))
    except struct.error:
        packed_excepts.append(struct.pack('>IIIH', s_off, e_off, h_off, c))

It didn't works. Just show log:

Using python3 as Python interperter ./enjarify/enjarify.sh: line 39: realpath: command not found /usr/local/bin/python3: No module named enjarify.main

I got this results running latest enjarify with latest PyPy3 with Python 3.5 support (hashtests.py using range 10 ):

pypy3 -m enjarify.hashtests  21,44s user 0,11s system 99% cpu 21,552 total

python3.5 -m enjarify.hashtests  73,71s user 0,37s system 99% cpu 1:14,09 total

So there's ~3.4x speed improvement

There are an notable problem which been fixed in dex2jar previously: Many converted class lost ACC_SUPER flag which cause super.someMethod() go to non-existent abstract method (throw error).

When android's dx utility convert java class to dex, it discards ACC_SUPER flag of class, so enjarify should restore it when convert back to jar.

The full modification of dex2jar is here https://github.com/pxb1988/dex2jar/blob/master/dex-translator/src/main/java/com/googlecode/d2j/dex/Dex2Asm.java#L91

According to jvm's spec, interface should not have ACC_SUPER flag.

Hey,

any chance to get a git tag to make it easier to package this great tool? That would be amazing! :smile:

If yes, then it would be gorgeous if you sometimes create a new tag :yum:

cheers anthraxx

Hi,

I used enjarify to covert some commercial apks into jar files. I found it work well on most cases. However, I still find some fail cases, especially when involving some expection sentences. And many fail cases also fails with the use of dex2jar.

So I would like to know what the reason of it is. And what the main advantage of enjarify is. Does it use some unique methods or just consider some special cases?

Thanks for your help! : )

For some reason when using pypy3-2.4.0-win32 and BCV I get this exception: Traceback (most recent call last): File "C:\Users\null.Bytecode-Viewer\enjarify_2\enjarify-master\enjarify\main.py", line 75, in main outfile = open(outname, mode=('wb' if args.force else 'xb')) ValueError: invalid mode: xb

During handling of the above exception, another exception occurred:

Traceback (most recent call last): File "H:\Programs\pypy3-2.4.0-win32\lib-python\3\runpy.py", line 161, in _run_module_as_main "main", fname, loader, pkg_name) File "H:\Programs\pypy3-2.4.0-win32\lib-python\3\runpy.py", line 74, in _run_code exec(code, run_globals) File "C:\Users\null.Bytecode-Viewer\enjarify_2\enjarify-master\enjarify\main.py", line 94, in main() File "C:\Users\null.Bytecode-Viewer\enjarify_2\enjarify-master\enjarify\main.py", line 76, in main except FileExistsError: NameError: global name 'FileExistsError' is not defined

However with Python 3.4 it works fine, this is on Windows 7.

Is there maybe something I messed up on with BCV? If that's the case sorry for opening a ticket here, I just wasn't sure because Python 3.4 works perfectly fine, whereas PyPy3 doesn't.

When running enjarify on s390x it fails with the following error:

Traceback (most recent call last):
  File "/usr/lib/python3.5/runpy.py", line 193, in _run_module_as_main
    "__main__", mod_spec)
  File "/usr/lib/python3.5/runpy.py", line 85, in _run_code
    exec(code, run_globals)
  File "/usr/lib/python3/dist-packages/enjarify/main.py", line 107, in <module>
    main()
  File "/usr/lib/python3/dist-packages/enjarify/main.py", line 97, in main
    translate(data, opts=opts, classes=classes, errors=errors)
  File "/usr/lib/python3/dist-packages/enjarify/main.py", line 27, in translate
    dex = parsedex.DexFile(data)
  File "/usr/lib/python3/dist-packages/enjarify/parsedex.py", line 258, in __init__
    self.classes.append(DexClass(self, defs.off, i))
  File "/usr/lib/python3/dist-packages/enjarify/parsedex.py", line 205, in __init__
    self.name = dex.clsType(words[0])
  File "/usr/lib/python3/dist-packages/enjarify/parsedex.py", line 274, in clsType
    desc = self.type(i)
  File "/usr/lib/python3/dist-packages/enjarify/parsedex.py", line 270, in type
    return self.string(self.u32s[self.type_ids.off//4 + i])
IndexError: array index out of range

The dex file used is available here: https://anonscm.debian.org/git/reproducible/diffoscope.git/tree/tests/data/test1.dex

I think the following problem i'v met is very common for other users, no matter which python debugger used.

For example, I am using PyCharm to debug enjarify, i set main.py as startup script, see following picture:

but main.py went error at:

from . import parsedex

Error message:

/usr/local/Cellar/pypy3/2.4.0/libexec/bin/pypy "/Applications/PyCharm CE.app/Contents/helpers/pydev/pydevd.py" --multiproc --qt-support --client 127.0.0.1 --port 50129 --file /Users/q/Documents/enjarify/enjarify/main.py /tmp/a.apk -o /tmp/a.jar -f
pydev debugger: process 2139 is connecting

Connected to pydev debugger (build 143.1919)
Traceback (most recent call last):
  File "/Applications/PyCharm CE.app/Contents/helpers/pydev/pydevd.py", line 2411, in <module>
    globals = debugger.run(setup['file'], None, None, is_module)
  File "/Applications/PyCharm CE.app/Contents/helpers/pydev/pydevd.py", line 1802, in run
    launch(file, globals, locals)  # execute the script
  File "/Applications/PyCharm CE.app/Contents/helpers/pydev/_pydev_imps/_pydev_execfile.py", line 18, in execfile
    exec(compile(contents+"\n", file, 'exec'), glob, loc)
  File "/Users/q/Documents/enjarify/enjarify/main.py", line 17, in <module>
    from . import parsedex
ValueError: Attempted relative import in non-package

Process finished with exit code 1

The reason is i invoke main.py as file mode, not as package mode. To invoke main.py as package mode, i must specify following option to replace main.py in command line

-m enjarify.main

The easiest way to solve this problem is change main.py

from enjarify import parsedex

But I do not want to change source file,

so i tried following debug config:

but this way still does not works, just exit silently. The command line have both --module and --file option which seems can not be controlled by settings and maybe cause problem.

/usr/local/Cellar/pypy3/2.4.0/libexec/bin/pypy "/Applications/PyCharm CE.app/Contents/helpers/pydev/pydevd.py" --multiproc --module --qt-support --client 127.0.0.1 --port 50274 --file enjarify.main /tmp/a.apk -o /tmp/a.jar -f
pydev debugger: process 2205 is connecting

Connected to pydev debugger (build 143.1919)

Process finished with exit code 0

The main.py:main is not executed because the __name__ is not "__main__" at this time.

I have no way to make debugger works without modifying main.py.

So, what about add a launcher script for debugger? no more modification later. debug.py

import enjarify.main

enjarify.main.main()

So debugger normally calls main.py:main for me.

Any better idea is welcome.

Currently enjarify.bat calls python3, but Python installer doesn't install python3.exe. According to PEP 397, the preferred way is to use Python launcher.

I get the following error while using enjarify with pypy3:

struct.error: unpack str size too short for format

Using python3 fixes the issue. Also, the script will not use python because python -c "print(range)" returns "<built-in function range>", not "<class 'range'>".

Hey :smile:

I wanted to report a small problem and suggest a possible solution. The problem is that when the .py files are distributed into the filesystem from a package (f.e. under /usr/lib/enjarify or /usr/share/enjarify) by just copying them over, then no python caching files are created. One problem arises if anyone executes enjarify as root (yes that shouldn't be the case but why not) then python will create those cache object files for all python modules that are imported somewhere within your module. If anyone uninstalls your package afterwards, then the filesystem is left in a cluttered state as the generated object files are not tracked and remain. Additionally there may also be a small performance improvement if python cache object files are distributed.

One possible solution would be to use python setuptools and create a setup.py that will distribute your python module files into f.e. /usr/lib/python3.5/site-packages/enjarify, which will also take care to create the cache entries if the -O1 parameter is passed when calling the setup.py. You could still have your enjarify.sh script that checks for all your favorite python interpreters.

What do you think about this idea? If you need feedback or something like that, feel free... i try to help where i can :smile:

I used the python-3.5.0-embed-amd64.zip to excute,because no 'python3' command in it, so edited the second line in 'enjarify.bat' file------'python -O -m enjarify.main %*' and the result is below: ...\python-3.5.0-embed-amd64\python.exe: Error while finding spec for 'enjarify.main' (<class 'ImportError'>: No module named 'enjarify')

Any ways to get a Python 2.7 friendly enjarify? I would love to integrate it with https://github.com/ajinabraham/Mobile-Security-Framework-MobSF as an alternative to Dex2Jar.

I was dealing with an app using Retrofit (Java Annotations play an important role in that library). Enjarify seemed to work smoothly, but when I opened output .jar frustrating things came out. I can't find any Java Annotation that should have applied to methods. Unluckily I‘m not good at python so have no idea. Is enjarify planned to support Java Annotations?