每天推薦一個 GitHub 優質開源項目和一篇精選英文科技或編程文章原文,歡迎關注開源日報。交流QQ群:202790710;電報群 https://t.me/OpeningSourceOrg
今日推薦開源項目:《手把手教你如何用 JADX 反編譯 APK》
推薦理由:JADX 是一個集成化的反編譯開發工具,還可以將源文件導出為 Android Gradle 項目。
1、準備
JADX 程序:
下載地址1:https://github.com/skylot/jadx/releases
下載地址2:https://sourceforge.net/projects/jadx/files/
(注意:電腦上需要安裝 Java:安裝教程)
2、解壓下載的壓縮包
如圖:
我們需要關注的是 bin 文件夾裡面的 bat 文件
使用bat文件可以讓你在命令行或圖形用戶界面中使用 JADX
注意:需以管理員許可權運行,不然可能無法正常啟動
3、一個例子(反編譯360相機 APK)
(1)使用圖形界面
啟動 jadx-gui.bat 文件(在解壓文件夾的 bin 文件夾裡面)。然後,你會看到如圖所示開始界面:
選擇了文件後,JADX 會自動反編譯它,界面的左邊是資源管理器。 我們這用的是360相機的 APK 文件。
看起來是不是很炫酷呢?
點擊 file -> save all可以將所有代碼保存在一個文件夾裡面。
(2)使用命令行
打開一個新的命令提示符,切換到 JADX 的 bin目錄:
cd C:\Users\37989\Documents\JADX\jadx-0.6.1\bin
執行反編譯:
jadx -d C:\Users\37989\Documents\JADX\example2 C:\Users\37989\Documents\JADX\camera360.apk
注意:輸入的目錄文件夾應該是已經存在的。
4、優點
(1)文本搜索
點擊 Navigation -> Text Search 或者 Navigation -> Class Search 激活它,並且 jadx 的搜索支持四種維度,Class、Method、Field、Code,我們可以根據我們搜索的內容進行勾選,範圍最大的就是 Code ,基本上就是文本匹配搜索。
(2)查找引用
比如想要找到我們想要的類和代碼,那麼可以直接使用 jadx 的搜索代碼功能,找到我們需要查看的類或者代碼,選中點擊右鍵,選擇Find Usage。
這樣的話, jadx 就會為你搜索出在此項目中哪些地方使用了這些類或代碼.
(3)反混淆(Deobfuscation)
一般 apk 在發布出去之前,都是會被混淆的,這基本上是國內 App 的標配,但其實非常不利於我們閱讀。我們很難看到一個 a.java 的文件之後,就確定它是哪一個,還需要根據包名來區分。而 Deobfusation 功能,可以為它們起一個特殊的名字,這樣它在這個項目中,名字就是唯一的,方便我們識別和搜索。這個功能可以在 Tools -> deobfusation 中激活。
(4)導出為 Gradle 項目
jadx-gui 可以直接閱讀代碼,還是很方便的。但是畢竟沒有我們常見的編輯器來的方便。jadx支持將反編譯後的項目,直接導出成一個 Gradle 編譯的工程。可以通過 File -> Save as gradle project 來激活這個功能。最終輸出的項目,可以直接通過 Android Studio 打開。
5、錯誤處理方法
有些 apk 文件的體積比較大的時候,反編譯的時候會卡住或者假死,解決方案:
使用記事本或者 notepad++ 打開 jadx-gui.bat
更改應用運行內存為1GB
變更前:
set DEFAULT_JVM_OPTS=
變更後:
set DEFAULT_JVM_OPTS=-Xmx1024M
(注意等號的後面有個減號)
今日推薦英文原文:《3 password managers for the Linux command line》
原文鏈接:https://opensource.com/article/18/4/3-password-managers-linux-command-line
推薦理由:很多朋友會使用密碼管理器,不過,那是圖形界面的,今天給大家介紹三個命令行下的三個密碼管理器。
3 password managers for the Linux command line
We all want our passwords to be safe and secure. To do that, many people turn to password management applications like KeePassX or Bitwarden.
If you spend a lot of time in a terminal window and are looking for a simpler solution, you'll want to check out one of the many password managers for the Linux command line. They're quick, easy to use, and secure.
Let's take a look at three of them.
Titan
Titan is a password manager that doubles as a file-encryption tool. I'm not sure how well Titan works at encrypting files; I only looked at it as a password manager. In that capacity, it does a solid job.
Titan stores your passwords in an encrypted SQLite database, which you create and add a master passphrase to when you first fire up the application. Tell Titan to add a password and it asks for a name to identify it, a username, the password itself, a URL, and a comment about the password.
You can get Titan to generate a password for you, and you can search your database by an entry's name or numeric ID, by the name or comment, or using regular expressions. Viewing a specific password, however, can be a bit clunky. You either have to list all passwords and scroll through them to find the one you want to use, or you can view the password by listing the details of an entry using its numeric ID (if you know it).
Gopass
Gopass is billed as "the team password manager." Don't let that put you off. It's also great for personal use.
Gopass is an update of the venerable Unix and Linux Pass password manager written in the Go programming language. In true Linux fashion, you can either compile the source code or use an installer to get gopass on your computer.
Before you start using gopass, make sure you have GNU Privacy Guard (GPG) and Git on your system. The former encrypts and decrypts your password store, and the latter signs commits to a Git repository. If gopass is for personal use, you still need Git. You just don't need to worry about signing commits. If you're interested, you can learn about those dependencies in the documentation.
When you first start gopass, you need to create a password store and generate a secret key to secure that store. When you want to add a password (which gopass refers to as a secret), gopass asks you for information such as a URL, a username, and a note about the secret. You can have gopass generate the password for the secret you're adding, or you can enter one yourself.
As you need to, you can edit, view, or delete passwords. You can also view a specific password or copy it to your clipboard to paste it into a login form or window.
Kpcli
The open source password manager of choice for many people is either KeePass or KeePassX. Kpcli brings the features of KeePass and KeePassX to your nearest terminal window.
Kpcli is a keyboard-driven shell that does most of what its graphical cousins can do. That includes opening a password database; adding and editing passwords and groups (which help you organize your passwords); or even renaming or deleting passwords and groups.
When you need to, you can copy a username and password to your clipboard to paste into a login form. To keep that information safe, kpcli also has a command to clear the clipboard. Not bad for a little terminal app.
每天推薦一個 GitHub 優質開源項目和一篇精選英文科技或編程文章原文,歡迎關注開源日報。交流QQ群:202790710;電報群 https://t.me/OpeningSourceOrg