Sunday, August 4, 2013

Debugging apk files using Netbeans

Debugging apk files using Netbeans

As of this writing, there have been limited real time debugging methods for android apk applications.

This tutorial will talk about debugging android applications step-by-step.

Tools Needed:

1. Netbeans IDE 6.8. You can download it here. Restart your system after installation.
2. apktool.jar (version 1.4.1).  It will only work in this version. Download it here.
3. Signing tool.  You can download my signing tool here.

Step-by-step Instruction:

1. Decode your .apk file  using -d option of apktool. Example If you want to decode it in "out" directory type:
 java -jar apktool.jar d -d out

*Note that the out above is where the decompiled files will be saved. You can use any folder name here.

2.  Open the out folder and open AndroidManifest.xml. Add android:debuggable="true" attribute to <application> section in out/AndroidManifest.xml file.

3. Rebuild your apk.
java -jar apktool.jar b -d out

4. Sign and install
5. Delete out/build and out/dist folder. This is because, netbeans will not allow you to create from existing project when those folders exists.
6. Run NetBeans, click "File" -> "New Project". Choose "Java"->"Java Project with Existing Sources". Click "Next".
7. Specify out as "Project Folder". Click "Next".
8. Add out/smali folder to the "Source Package Folder" list. Click "Next" and then "Finish".
9. Start the app on the device, run DDMS, find your application on a list and click it. Note port information in last column - it should be something like 86xx / 8700".
10. In Netbeans, click "Debug" -> "Attach Debugger" -> select "JPDA" and set "Port" to 8700 (or whatever you saw in previous step). Set your host to "localhost". Rest of fields should be ok, click "OK".
11. Debugging session should start: you will see some info in a log and debugging buttons will show up in top panel.
12. Set breakpoint.  You can't set breakpoint on lines starting with ".", ":" or "#". You must select line with some instruction
13. Trigger some action in application. If you run at breakpoint, then thread should stop and you will be able to debug step by step, watch variables, etc.

Other way of setting a breakpoint:

Notice that  you have to actually execute the app before you can attach the debugger. In most cases, we don't want this because some of the codes already executed. To get away with this, we can use the waitForDebugger() function.
1.  add the following smali code on the onCreate() method of the launcher activity.
invoke-static {}, Landroid/os/Debug;->waitForDebugger()V
 invoke-super {p0, p1}, Landroid/app/Activity;->onCreate(Landroid/os/Bundle;)V
 2.  Do steps from 3 to 11 from above. You will see just a black screen after you start the application on step 9; don't worry, it's normal. If Android proposes you to close the application because the application does not respond, reject the proposition. The application is frozen at the very beginning of execution, it is waiting for the debugger.

3. Set a breakpoint on the first instruction after invoke-static {}, Landroid/os/Debug;->waitForDebugger()V in theonCreate(...) method and continue execution. Your breakpoint will be hit and you will be able to debug the application step by step from the very beginning, watch variables, etc.

No comments:

Post a Comment