LinuxCommandLibrary

baksmali

Disassemble DEX to Smali code

SYNOPSIS

java -jar baksmali.jar [options] <dex-file(s)>

PARAMETERS

-o <dir>, --output <dir>
    Specifies the output directory where the disassembled Smali files will be stored.

-a <api>, --api <api>
    Sets the Android API level to use for disassembling, affecting instruction interpretation and syntax (default: 15).

-d <dir>, --bootclasspath-dir <dir>
    Provides a directory containing bootclasspath JARs/APKs, useful for resolving references.

-p <classpath>, --classpath <classpath>
    Adds additional classpath entries (JARs, APKs, or directories) to resolve external references.

-b, --debug-info
    Includes debug information (e.g., source file, line numbers) in the disassembled output.

-L, --list-classes
    Instead of disassembling, only lists the fully qualified names of classes found in the input DEX file(s).

-x, --extract-dex
    Extracts all inner DEX files found within the input file(s) instead of disassembling them.

--ignore-errors
    Attempts to continue disassembling even if errors are encountered in the input DEX file(s).

--version
    Displays the current version of baksmali.

--help
    Shows the command-line help message with all available options.

DESCRIPTION

baksmali is a disassembler for Dalvik Executable (DEX) files, which are the bytecode format used by Android applications. Its primary function is to convert DEX bytecode into human-readable Smali assembly code. This process is crucial for reverse engineering Android applications, allowing developers and security researchers to understand, analyze, and modify application logic at a low level.

It is the counterpart to the smali assembler, which takes Smali assembly code and converts it back into DEX bytecode. Together, smali and baksmali form the backbone of many Android application analysis and modification toolchains, including popular tools like apktool. Users often extract a DEX file from an APK, run baksmali on it, make modifications to the resulting Smali files, and then use smali to re-assemble them into a new DEX file, which can then be re-packaged into an APK.

CAVEATS

When working with obfuscated Android applications, the disassembled Smali code can be significantly harder to read and analyze due to techniques like name mangling and control flow obfuscation.

Choosing the correct API level with -a is important; incorrect API levels might lead to syntax errors or misinterpretation of certain instructions specific to different Android versions.

Large or complex DEX files can result in a significant number of Smali files and may take a considerable amount of time to disassemble.
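
The -a caveat above, as an added example (not part of the original page or of the baksmali project): a POSIX shell helper that reads the format version from a DEX file's magic bytes and derives a matching API level, then invokes baksmali with the synopsis and the -a/-o options as listed on this page. The version-to-release mapping follows the Android DEX format documentation; BAKSMALI_JAR and the smali_out/ directory layout are assumptions.

```shell
#!/bin/sh
# Added example: pick a baksmali -a value from the DEX version in the file magic.

# Print the 3-digit DEX version (e.g. 035); non-zero status if not a DEX file.
dex_version() {
    magic=$(head -c 8 "$1" 2>/dev/null | od -An -tx1 | tr -d ' \n')
    case "$magic" in
        6465780a3[0-9]3[0-9]3[0-9]00)   # "dex\n" + three ASCII digits + NUL
            head -c 7 "$1" | tail -c 3 ;;
        504b0304*)                      # ZIP local file header: APK/JAR, not DEX
            echo "$1: ZIP container, extract classes*.dex first" >&2
            return 2 ;;
        *)
            echo "$1: not a DEX file" >&2
            return 1 ;;
    esac
}

# Map the DEX version to the API level of the Android release that
# introduced it (per the Android DEX format documentation).
dex_min_api() {
    ver=$(dex_version "$1") || return $?
    case "$ver" in
        035) echo 15 ;;   # pre-Android 7.0 format: keep this page's default
        037) echo 24 ;;   # Android 7.0
        038) echo 26 ;;   # Android 8.0
        039) echo 28 ;;   # Android 9
        040) echo 29 ;;   # Android 10
        *)   echo "$1: unhandled DEX version $ver" >&2
             return 3 ;;
    esac
}

# Disassemble each DEX named on the command line with a matching -a.
# Assumptions: BAKSMALI_JAR (jar location) and the smali_out/ layout.
for dex in "$@"; do
    api=$(dex_min_api "$dex") || continue
    out="smali_out/$(basename "$dex" .dex)"
    echo "$dex: DEX version $(dex_version "$dex"), running with -a $api -o $out"
    java -jar "${BAKSMALI_JAR:-baksmali.jar}" -a "$api" -o "$out" "$dex"
done
```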

SMALI ASSEMBLY LANGUAGE

The output of baksmali is code written in Smali, a human-readable assembly language for the Dalvik/ART virtual machine. Smali closely mirrors the underlying DEX bytecode instructions, so it is a low-level representation that preserves details higher-level decompilers might miss, which makes it suitable for precise analysis and modification.

INTEGRATION WITH APKTOOL

baksmali (and smali) are core components of APKTool, a popular third-party tool for reverse engineering Android applications. APKTool automates the extraction, disassembling, reassembling, and re-signing processes, simplifying complex tasks for Android app modders and analysts by integrating baksmali's functionality.

HISTORY

The smali/baksmali project was created by R. "JesusFreke" P. around 2010. It quickly became an essential open-source tool for Android application reverse engineering due to its accuracy and flexibility in handling the Dalvik (and later ART) bytecode format. Its development has closely tracked changes in the Android platform, adapting to new DEX formats and instruction sets, solidifying its role as a fundamental utility in the Android security and development community.

SEE ALSO

smali, apktool, dex2jar, jadx
