Day 1 ‐ Smali vs Java
- If apps are written in Java, then what is smali and why is it important?
- Computers have limitations in understanding numerical values beyond the decimal system (base-10). To represent values greater than 9, they use hexadecimal values (a, b, c, d, etc.) and binary numbers (0s and 1s).
- This implies that computers cannot fully comprehend our number system, and vice versa. We must learn their number systems to bridge this gap.
- While we can learn how computers operate, it is impractical to expect computers to learn our number system.
- Similarly, when we use Java to develop Android applications, the Android system needs to convert the Java code into a format it can understand, known as Smali. This conversion ensures that the Android system can interpret and execute the Java code properly.
Smali is important because it allows developers, reverse engineers and malware analysts to:
- Reverse engineer Android applications
- Modify Android applications
- Create malicious applications
- Identify malicious applications
- Smali is a low-level language that is similar to Java bytecode. It is designed to be easy to read and understand, and it can be used to create and modify Android applications. Smali is also used by malware authors to create malicious applications.
- Smali means "assembler" in Icelandic.
- Everything in it is similar to Java (from the initial imports to methods, classes, etc.); only the representation of those things changes, nothing else.
- Baksmali means "disassembler" in Icelandic.
- Also named after the village of Dalvik, as it is the opposite operation of assembling (Smali).
- The Dalvik Virtual Machine (DVM) is an Android virtual machine optimized for mobile devices. It optimizes the virtual machine for memory, battery life and performance.
- Named after the village of Dalvik in Iceland, where the Dalvik Virtual Machine was created. It was written by Dan Bornstein.
- The DVM is responsible for running Android applications: it executes the instructions contained in Smali code. When an Android application is installed on a device, the DVM converts the Smali code into a format that the device's processor can understand. This process is known as "dexing".
Since everybody uses `Hello World!` as the example in this field, let's go with that.
- In Java:
```java
class HelloWorld {
    // Entry point: the runtime starts executing here
    public static void main(String[] args) {
        System.out.println("Hello, World!");
    }
}
```
- In Smali:
```smali
.class public LHelloWorld;
.super Ljava/lang/Object;

.method public static main([Ljava/lang/String;)V
    .registers 2

    sget-object v0, Ljava/lang/System;->out:Ljava/io/PrintStream;

    const-string v1, "Hello World!"
    invoke-virtual {v0, v1}, Ljava/io/PrintStream;->println(Ljava/lang/String;)V

    return-void
.end method
```
Line 1: In Java, you can simply write `class HelloWorld { your code }`. However, in smali you must add a capital "L" before the class name, like `.class public LHelloWorld;`. Note that there is a '.' too, just before `class`; this is the basic syntax for each method/class/return definition in smali.
The next line in smali: `[Ljava.lang.Object;` is the name for `Object[].class`, and `.super` does the job of calling/storing it.
Line 2: `.super Ljava/lang/Object;` declares that the current class extends the Java class `Object`.
When you create a new class in Java, it automatically extends the Java class `Object`. This means that your new class inherits all of the methods and variables that are defined in the `Object` class.
A simple way to understand this concept is a family tree. In a family tree, everyone is related to each other. Similarly, in Java, all classes are related to the `Object` class.
For example, let's say you have a class called `Car`. The `Car` class inherits all of the methods and variables that are defined in the `Object` class. This means that you can use methods like `toString()`, `equals()`, and `hashCode()` on any `Car` object.
Another way to think about it is that the `Object` class is the parent class of all other classes in Java. When you create a new class, you are essentially saying that your new class is a child of the `Object` class.
- Parent Class: `Vehicle`
- Child Class: `Car`
The `Car` class inherits all of the properties and methods of the `Vehicle` class. This means that a `Car` object has all of the same properties and methods as a `Vehicle` object, such as `make`, `model`, and `year`.
In the same way, all Java classes extend the `Object` class, which means that they inherit all of the properties and methods of the `Object` class.
Line 4: `.method public static main([Ljava/lang/String;)V` declares a public static method named `main` that takes an array of `String` objects as input and returns `void`.
In this example, the `main` method is like the front door of your house. When someone wants to enter your house, they come through the front door. Similarly, when you run a Java program, the JVM enters your program through the `main` method.
Another way is to think of the `main` method as the starting point of a race. When a race begins, all of the runners start at the same starting line. Similarly, when you run a Java program, the JVM starts executing your program at the `main` method.
Line 5: `.registers 2` specifies that the method uses two registers. More information is on the Day 3 wiki.
Line 7: `sget-object v0, Ljava/lang/System;->out:Ljava/io/PrintStream;` retrieves the `PrintStream` object associated with the standard output stream and stores it in register `v0`.
Line 9: `const-string v1, "Hello World!"` loads the string "Hello World!" into register `v1`.
Line 10: `invoke-virtual {v0, v1}, Ljava/io/PrintStream;->println(Ljava/lang/String;)V` calls the `println` method on the `PrintStream` object in register `v0`, passing the string in register `v1` as an argument. This prints the string "Hello World!" to the standard output stream.
Line 12: `return-void` returns from the `main` method.
Line 13: `.end method` marks the end of the method.
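The type descriptors met in the walkthrough above (`LHelloWorld;`, `[Ljava/lang/String;`, the trailing `V`) follow a small grammar, and decoding them back to Java names is a routine step when reading smali during analysis. The following is an added example, not part of the original wiki; the function names `read_type`, `to_java_type` and `decode_method` are made up for illustration, and it goes slightly beyond the listing by also handling primitive types and multi-dimensional arrays.

```python
import re

# Dalvik single-letter primitive codes and the Java types they stand for.
PRIMITIVES = {"V": "void", "Z": "boolean", "B": "byte", "S": "short",
              "C": "char", "I": "int", "J": "long", "F": "float", "D": "double"}

def read_type(desc, pos=0):
    """Decode one descriptor starting at desc[pos]; return (java_name, next_pos)."""
    dims = 0
    while pos < len(desc) and desc[pos] == "[":   # each '[' adds one array dimension
        dims += 1
        pos += 1
    if pos >= len(desc):
        raise ValueError(f"truncated descriptor: {desc!r}")
    if desc[pos] == "L":                          # object type: L<package/Class>;
        end = desc.find(";", pos)
        if end == -1:
            raise ValueError(f"missing ';' in {desc!r}")
        name, pos = desc[pos + 1:end].replace("/", "."), end + 1
    elif desc[pos] in PRIMITIVES:
        name, pos = PRIMITIVES[desc[pos]], pos + 1
    else:
        raise ValueError(f"unknown type code {desc[pos]!r} in {desc!r}")
    return name + "[]" * dims, pos

def to_java_type(desc):
    """Decode a descriptor that must consist of exactly one type."""
    name, pos = read_type(desc)
    if pos != len(desc):
        raise ValueError(f"trailing data in {desc!r}")
    return name

def decode_method(sig):
    """Turn 'name(params)ret' or 'Lcls;->name(params)ret' into a Java-style signature."""
    m = re.fullmatch(r"(?:(L[^;]+;)->)?([\w$<>]+)\((.*)\)(.+)", sig)
    if not m:
        raise ValueError(f"not a method signature: {sig!r}")
    owner, name, params, ret = m.groups()
    args, pos = [], 0
    while pos < len(params):                      # parameters are packed with no separator
        arg, pos = read_type(params, pos)
        args.append(arg)
    prefix = to_java_type(owner) + "." if owner else ""
    return f"{to_java_type(ret)} {prefix}{name}({', '.join(args)})"

if __name__ == "__main__":
    # Signatures copied from lines 4 and 10 of the smali listing above.
    print(decode_method("main([Ljava/lang/String;)V"))
    print(decode_method("Ljava/io/PrintStream;->println(Ljava/lang/String;)V"))
```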