Click on the top of the blue word code eggs

The syntax that reverse engineers have to learn

The author blog

The article directories

  • What is Smali?

  • Why learn Smali?

  • How difficult is Smali?

  • How to learn?

  • The sample code

Note: This is a methodology-oriented article.


What is Smali?

Smali is a loose Jasmin/dedexer syntax.

This is simply a syntax that we use to compile Java code into a dex file and then reverse engineer it using baksmali.


Why learn Smali?

First of all, smali has to be said in reverse. Long before Android, there were reverse versions for every platform and language. So far, reverse an APK is usually a security engineer (reverse engineer) and do cracking and other malicious people because of some interests in doing (APK secondary packaging insert advertisement, crack paid application, malicious code implantation, plagiarize API, etc.).

Technology is a double-edged sword, how to use in people. Not the technology itself. So why should application developers learn smALI? I can think of the following points for reference.

When we find that another app has a cool feature that we can’t figure out how to implement. Can not get the source code can choose reverse.

2. Security We need to think about security when we write apps, but we may only know about obfuscation and third-party hardening. We need to understand how others can crack our apps.

3. Adaptation When we find that the API is deprecated on some phones and other applications or systems can implement this function. I wrote an article about this in reverse millet adaptation.

Hey, is that almost enough? Can’t convince you to learn? How about a promotion and a raise? 🙂

Poof, bad guy!! I’ll learn and I’ll learn. Can’t I?


How difficult is Smali?

It’s not hard to. Maybe you read some articles a long time ago. Or you can use tools to open decompiled code. Looking at a bunch of instructions and some keywords and code formatting styles you’ve never seen before, you can’t wait to turn them off. But the truth is you’re not learning it the right way.


How to learn?

My style has always been that I do not like to cram knowledge into my mind, I am more used to analyze from practice, and then make a summary. Now I recommend you a good Smali learning tool plug-in. We opened AndroidStudio to find the location where the plugin was installed. The following figure

Open Browse Repositories, type Java2smali, install and restart.

Github is here: intellij-java2smali


After this step, we can happily convert any Java code directly into smali in androidStudio for learning. The steps are as follows.

Write the simplest Java file. Something like this.

Then we click Build->Compile to smali

Wait a few seconds to get the SMALI file.

We can then analyze the SMali file line by line against the Java code. If we’re watching it for the first time, we might get distracted by some unfamiliar keywords. There’s actually a very simple solution. Note that the. Line keyword is used to describe the number of lines of the current code in the Java source file. You can then work backwards by comparing the two sets of code. This makes it easy to learn to read smALI files.

Good below is an example code for reference.


Sample code:

The original Java code

Smali code


Represents the number of lines of current code in the source Java file.


Indicates that the return value from the public method methodAReturn is an object com.bolex.aa


Indicates that three registers are required on this function


Indicates that two input parameters are received as AA objects and registers P1 and P2 are marked


Represents the start tag for execution within a function. The opening gambit.


Represents line 34 in the source code.


Returns object P1 on the register

.end method


Create an AA object


Represents a direct call using the no-argument constructor


Represents a virtual method

That’s what it looks like. Is it easy?

The above examples are only partial keywords, more keywords can rely on the two groups of files to push back. In fact, sometimes more exquisite is a method. I think this method is quite good, so I will share with you, we do not need to deliberately memorize. Practice makes perfect. Can you be an old driver if you play too much?

There are many things about SMALI that this article has not covered in detail, such as registers, types (primitive types, object types), and the representation of array methods. Readers need to dig deeper. You can refer to the official documentation. There are detailed explanations in it, which have been translated into Chinese.

Messages have benefits, please see the specific rules

“Help you develop good habits”