Saturday, 15 October 2011

Android validation (decompilation) tools

So Jenkins is building and archiving lovely APKs with timestamps in versionName!  People are testing directly out of DropBox.  Got a bug report but need to see which APK it came from!
Goal: Extract human-readable versionName from APK.
Two-liner answer after the break!

The answer is very simple...
  1. Unzip the AndroidManifest.xml from the APK
    unzip MyAPK.apk AndroidManifest.xml
  2. Convert the binary XML to human-readable
    (link to JAR in references, below)
    java -jar A2XMLPrinter2.jar AndroidManifest.xml > AndroidManifest.text.xml
The Android XML files are converted from text to binary form for more efficient on-device use.  UNIX's "file" command (which informs of file type by checking its magic number) opines these binary XML files are "DBase 3 data file".

While investigating, I came across answers to how to check obfuscation-level (which I'd also wondered about).
  1. De-dex your APK MyAPK.apk
    (or dex2jar.bat MyAPK.apk if you're stuck on Windoze)
  2. Decompile the Java class files
    (in this case, view in one step.)
    jd-gui MyAPK_dex2jar.jar
I know I've used an Eclipse-based Java decompiler in the past.  If anyone's interested / I come across the need, I'll update this post with the Eclipse version.


A2XMLPrinter2 project home Convert Android compiled XML file to human-readable (download location)
Dex2Jar project home Convert DEX file (APK) to JAR (class files)
JD-GUI project home Java decompiler GUIc
How-to descriptions:
XDA Developers' "AXMLPrinter2 - Convert Android binary XML to human-readable XML" thread.
AndroidOrigin's how ".dex format to .jar format" blog. Not sure why he does it in Eclipse when CLI works perfectly well but... ?

p.s. I'm preparing a post about setting-up Jenkins for good Android building (i.e. "real software engineering" vs. "hacking and guessing" ;-) ). It's kind'a long so it'll be retro-posted after/before this one.

No comments:

Post a Comment