本人菜鸟一名。这是我第一篇博客,只是记录探索过程中遇到的问题,如有看客发现不当之处欢迎大家批评指正
本人不胜感激~~
因为只是想尝试一下,所以随手拿了一个手边的apk。这个apk是江苏省信息安全竞赛的一道安卓逆向题,我当时没有做出来,哪位大神逆出来了,求分享~~下载链接
整个大致过程如下:
1.用apktool解包apk(注意要加-d),在AndroidManifest.xml文件的里加一条属性android:debuggable=”true”
2.用apktool重打包,签名重打包的apk
3.eclipse调试运行的重新打包的apk
1,2步遇到的问题比较多。
第1步:
开始我用的apktool是2.1.1版本,于是出现了提示SmaliDebugging has been removed in 2.1.0 onward.Please see: https://github.com.iBotPeaches/Apktool/issues/1061。在Roland_Sun的博客提供了支持SmaliDebugging的apktool_2.0.0b9的下载链接。
下载好了apktool_2.0.0b9,并将要分析的apk文件放到和它相同的目录下,运行如下命令:
java -jar apktool_2.0.0b9.jar d -d test1.apk -o out
此时报出了如下错误:
I: Using Apktool 2.0.0-Beta9 on test1.apk
I: Loading resource table...
I: Loading resource table...
I: Decoding AndroidManifest.xml with resources...
I: Loading resource table from file: C:\Users\trend client\apktool\framework\1.a
pk
W: Could not decode attr value, using undecoded value instead: ns=android, name=
versionCode, value=0x00000001
I: Loading resource table from file: C:\Users\trend client\apktool\framework\1.a
pk
Cleaning up unclosed ZipFile for archive C:\Users\trend client\apktool\framework
\1.apk
W: Could not decode attr value, using undecoded value instead: ns=android, name=
versionName, value=0x0000000d
I: Loading resource table from file: C:\Users\trend client\apktool\framework\1.a
pk
W: Could not decode attr value, using undecoded value instead: ns=android, name=
versionCode, value=0x00000001
I: Loading resource table from file: C:\Users\trend client\apktool\framework\1.a
pk
Cleaning up unclosed ZipFile for archive C:\Users\trend client\apktool\framework
\1.apk
Cleaning up unclosed ZipFile for archive C:\Users\trend client\apktool\framework
\1.apk
W: Could not decode attr value, using undecoded value instead: ns=android, name=
versionName, value=0x0000000d
Exception in thread "main" java.lang.NullPointerException
at java.io.Writer.write(Unknown Source)
at brut.androlib.res.util.ExtMXSerializer.writeAttributeValue(ExtMXSeria
lizer.java:38)
at org.xmlpull.mxp1_serializer.MXSerializer.attribute(MXSerializer.java:
673)
at org.xmlpull.v1.wrapper.classic.XmlSerializerDelegate.attribute(XmlSer
ializerDelegate.java:106)
at org.xmlpull.v1.wrapper.classic.StaticXmlSerializerWrapper.writeStartT
ag(StaticXmlSerializerWrapper.java:267)
at org.xmlpull.v1.wrapper.classic.StaticXmlSerializerWrapper.event(Stati
cXmlSerializerWrapper.java:211)
at brut.androlib.res.decoder.XmlPullStreamDecoder$1.event(XmlPullStreamD
ecoder.java:87)
at brut.androlib.res.decoder.XmlPullStreamDecoder.decode(XmlPullStreamDe
coder.java:146)
at brut.androlib.res.decoder.XmlPullStreamDecoder.decodeManifest(XmlPull
StreamDecoder.java:160)
at brut.androlib.res.decoder.ResFileDecoder.decodeManifest(ResFileDecode
r.java:131)
at brut.androlib.res.AndrolibResources.decode(AndrolibResources.java:276
)
at brut.androlib.Androlib.decodeResourcesFull(Androlib.java:116)
at brut.androlib.ApkDecoder.decode(ApkDecoder.java:114)
at brut.apktool.Main.cmdDecode(Main.java:169)
at brut.apktool.Main.main(Main.java:85)
以前在更新apktool的时候也遇到过该问题,我将C:\Users\User Name\apktool\framework目录下的1.apk删除就行了。貌似每次使用一个新的版本的apktool都要进行此操作,遇到类似问题的小伙伴可以试一下。
之后再运行上面的命令就可以得到out文件夹了,out文件夹smali文件夹下的文件都是.java结尾的。
用notepad++打开out文件夹里的AndroidManifest.xml文件给application加一条属性android:debuggable=”true”
第2步:
用apktool将修改过的应用文件重新打包
下面问题又来了:
运行命令:
java -jar apktool_2.0.0b9.jar b -d out -o test_debug.apk
报出如下错误:
I: Using Apktool 2.0.0-Beta9 on out
I: Checking whether sources has changed...
I: Smaling...
I: Checking whether resources has changed...
I: Building resources...
libpng error: Not a PNG file
ERROR: Failure processing PNG image C:\Users\trend client\Desktop\apktool\out\re
s\drawable\icon.png
C:\Users\trend client\Desktop\apktool\out\res\values\public.xml:3: error: Public
symbol drawable/icon declared here is not defined.
Exception in thread "main" brut.androlib.AndrolibException: brut.androlib.Androl
ibException: brut.common.BrutException: could not exec command: [C:\Users\TRENDC
~1\AppData\Local\Temp\brut_util_Jar_8284208640295799834.tmp, p, --debug-mode, --
forced-package-id, 127, --min-sdk-version, 3, --version-code, 1, --version-name,
1.0, -F, C:\Users\TRENDC~1\AppData\Local\Temp\APKTOOL638193518413422358.tmp, -0
, arsc, -I, C:\Users\trend client\apktool\framework\1.apk, -S, C:\Users\trend cl
ient\Desktop\apktool\out\res, -M, C:\Users\trend client\Desktop\apktool\out\Andr
oidManifest.xml]
at brut.androlib.Androlib.buildResourcesFull(Androlib.java:435)
at brut.androlib.Androlib.buildResources(Androlib.java:363)
at brut.androlib.Androlib.build(Androlib.java:286)
at brut.androlib.Androlib.build(Androlib.java:258)
at brut.apktool.Main.cmdBuild(Main.java:236)
at brut.apktool.Main.main(Main.java:88)
Caused by: brut.androlib.AndrolibException: brut.common.BrutException: could not
exec command: [C:\Users\TRENDC~1\AppData\Local\Temp\brut_util_Jar_8284208640295
799834.tmp, p, --debug-mode, --forced-package-id, 127, --min-sdk-version, 3, --v
ersion-code, 1, --version-name, 1.0, -F, C:\Users\TRENDC~1\AppData\Local\Temp\AP
KTOOL638193518413422358.tmp, -0, arsc, -I, C:\Users\trend client\apktool\framewo
rk\1.apk, -S, C:\Users\trend client\Desktop\apktool\out\res, -M, C:\Users\trend
client\Desktop\apktool\out\AndroidManifest.xml]
at brut.androlib.res.AndrolibResources.aaptPackage(AndrolibResources.jav
a:470)
at brut.androlib.Androlib.buildResourcesFull(Androlib.java:416)
... 5 more
Caused by: brut.common.BrutException: could not exec command: [C:\Users\TRENDC~1
\AppData\Local\Temp\brut_util_Jar_8284208640295799834.tmp, p, --debug-mode, --fo
rced-package-id, 127, --min-sdk-version, 3, --version-code, 1, --version-name, 1
.0, -F, C:\Users\TRENDC~1\AppData\Local\Temp\APKTOOL638193518413422358.tmp, -0,
arsc, -I, C:\Users\trend client\apktool\framework\1.apk, -S, C:\Users\trend clie
nt\Desktop\apktool\out\res, -M, C:\Users\trend client\Desktop\apktool\out\Androi
dManifest.xml]
at brut.util.OS.exec(OS.java:89)
at brut.androlib.res.AndrolibResources.aaptPackage(AndrolibResources.jav
a:464)
... 6 more
于是菜鸟的做法就是在网上找解决办法,好不容易在看雪上找到了一个解决办法
http://bbs.pediy.com/showthread.php?p=1250038&mode=linear
将icon.png改名为station.icon,结果也是失败的,报出的错误如下:
I: Using Apktool 2.0.0-Beta9 on out
I: Checking whether sources has changed...
I: Smaling...
I: Checking whether resources has changed...
I: Building resources...
C:\Users\trend client\Desktop\apktool\out\res\values\public.xml:3: error: Public
symbol drawable/icon declared here is not defined.
Exception in thread "main" brut.androlib.AndrolibException: brut.androlib.Androl
ibException: brut.common.BrutException: could not exec command: [C:\Users\TRENDC
~1\AppData\Local\Temp\brut_util_Jar_5038770550413434081.tmp, p, --debug-mode, --
forced-package-id, 127, --min-sdk-version, 3, --version-code, 1, --version-name,
1.0, -F, C:\Users\TRENDC~1\AppData\Local\Temp\APKTOOL561890948059476107.tmp, -0
, arsc, -I, C:\Users\trend client\apktool\framework\1.apk, -S, C:\Users\trend cl
ient\Desktop\apktool\out\res, -M, C:\Users\trend client\Desktop\apktool\out\Andr
oidManifest.xml]
at brut.androlib.Androlib.buildResourcesFull(Androlib.java:435)
at brut.androlib.Androlib.buildResources(Androlib.java:363)
at brut.androlib.Androlib.build(Androlib.java:286)
at brut.androlib.Androlib.build(Androlib.java:258)
at brut.apktool.Main.cmdBuild(Main.java:236)
at brut.apktool.Main.main(Main.java:88)
Caused by: brut.androlib.AndrolibException: brut.common.BrutException: could not
exec command: [C:\Users\TRENDC~1\AppData\Local\Temp\brut_util_Jar_5038770550413
434081.tmp, p, --debug-mode, --forced-package-id, 127, --min-sdk-version, 3, --v
ersion-code, 1, --version-name, 1.0, -F, C:\Users\TRENDC~1\AppData\Local\Temp\AP
KTOOL561890948059476107.tmp, -0, arsc, -I, C:\Users\trend client\apktool\framewo
rk\1.apk, -S, C:\Users\trend client\Desktop\apktool\out\res, -M, C:\Users\trend
client\Desktop\apktool\out\AndroidManifest.xml]
at brut.androlib.res.AndrolibResources.aaptPackage(AndrolibResources.jav
a:470)
at brut.androlib.Androlib.buildResourcesFull(Androlib.java:416)
... 5 more
Caused by: brut.common.BrutException: could not exec command: [C:\Users\TRENDC~1
\AppData\Local\Temp\brut_util_Jar_5038770550413434081.tmp, p, --debug-mode, --fo
rced-package-id, 127, --min-sdk-version, 3, --version-code, 1, --version-name, 1
.0, -F, C:\Users\TRENDC~1\AppData\Local\Temp\APKTOOL561890948059476107.tmp, -0,
arsc, -I, C:\Users\trend client\apktool\framework\1.apk, -S, C:\Users\trend clie
nt\Desktop\apktool\out\res, -M, C:\Users\trend client\Desktop\apktool\out\Androi
dManifest.xml]
at brut.util.OS.exec(OS.java:89)
at brut.androlib.res.AndrolibResources.aaptPackage(AndrolibResources.jav
a:464)
... 6 more
最后没有更好地办法,我理解应该是这个res/drawable目录下的icon.png文件格式应该有问题。
这个图片应该就是这个程序在手机桌面上显示的小图标,为了能进行到第3步,我从别的可以重新打包的1.
res/drawable下复制了一个icon.png过来,并把原来的那个删掉了。好不容易生成了一个重打包的test_debug.apk
接着给test_debug.apk签名,我原来在E盘目录下就有个demo.keystore文件,把test_debug.apk放到同一目录下,
在运行签名命令:
E:>jarsigner -verbose -keystore demo.keystore -signedjar test_debug1.apk test_debug.apk demo.keystore
到此得到了一个可以运行的test1_debug.apk
第3步:
然后用adb启动程序;adb shell am stare -D -n packageName/.activity
设备上出现一个等待调试器连接的对话框,先不要管它,去看eclipse的DDMS,如下:
回到Java点击debug旁边的下拉选择Debug Configurations,在左侧钮选择remote java application填上8600
点击Debug按钮出现Confirm Perspective Switch对话框,点击Yes就出现调试界面了
接下来就可以愉快地调试了~~~~~~~~~~