Are you an app developer looking for a powerful app analysis tool? Do you want to get a good view of your applications architecture and dependencies? Ever tried to disassemble bytecodes in Android™ apps? You can do all this and much more with ApkAnalyser, our new virtual analysis tool that we’re also making available as open source.

ApkAnalyser is a static, virtual analysis tool, which you can use to analyse API references, view application architecture and dependencies, and disassemble bytecodes in Android apps. It’s a complete tool chain which supports modification of the binary application with more printouts. You are then able to repack, install, run and verify the result from logcat.

Features
These are just some of the things you can do with APKAnalyser:


  • Explore packages, classes, methods and fields, and look up packages, classes, methods, references and read & write accesses.

  • Disassemble Dalvik bytecode methods with syntaxes highlighted.

  • Decode Android XML files with syntaxes highlighted.

  • Display UML packages and class diagrams, and highlight package and class dependencies.

  • Modify the APK file with predefined Dalvik bytecode injections.

  • View the logcat with debug level filters.

  • Support odex applications and libraries.

  • List resource IDs and its contents.

  • Find unused resources by resource ID or files.

  • Find system resource (@android) references.



Download APKAnalyser
You can download APKAnalyser directly from our GitHub open source repository.

How to install and use APKAnalyser
To download and install APKAnalyser, follow the steps below:


  1. Download the ApkAnalyser jar file from the project on GitHub.

  2. Copy the jar file to your local disk and execute the following command in the command prompt to start ApkAnalyser: java -Xmx1024m -jar ApkAnalyser.jar

  3. Before you start to analyse your apps, you need to configure the ApkAnalyser. Go to File > Set paths. In the Classpath tab, you can select several jar files or odex files to be loaded as reference libraries. Or you can simply pick a platform folder in the Android SDK tab, for example C:android-sdk-windowsplatformsandroid-15. ApkAnalyser will then import all the jar files in that folder. After that, add the APK file on the right side.

  4. Go to File > Settings. Change adb executable path to point out the location of adb, for exampleC:android-sdk-windowsplatform-toolsadb.exe.

  5. Start analysing your app by clicking FileAnalyse.



The ApkAnalyser application is very simple and easy to use. Find descriptions of the different views below.

Main view
The main window of ApkAnalyser consists of three areas. In the upper left, the tree lists reference libraries with a numerical reference counter. In the upper right, the tree shows the classes and resources of the targeted APK file.





Figure 1. ApkAnalyser’s main window.


When the fields, methods or resource IDs are expanded in the tree, the method invocations, field accesses or resource references for each item will be listed.

 

Figure 2. Expanded tree showing the reference of the resource ID.






Figure 3. Expanded tree showing the field access and method invocation references.


The area at the bottom of the main view is a preview window. It shows different types of information according to what you select in the right and left trees. In general, there are four kinds of output in the preview window:


  1. UML diagrams for packages and classes.

  2. A Dalvik disassembler for methods.

  3. A resource detail view for resource IDs.

  4. An XML decoder for XML resources.



Verifying resources with ApkAnalyser
So maybe you’re ready to start using ApkAnalyser now? One good use case is to use it to help you verify resources. Maybe you’re tired of seeing Resources$NotFoundException when your apps are crashing? Or maybe you have some text strings missing translation? When it comes to verifying resources, ApkAnalyser can help in the following scenarios:


  • When there’s missing resources in the package. The resource is registered but the content is missing while Android Asset Packaging Tool (aapt) packs it.

  • When there’s no DPI specific resource. The DPI specific resource is missing, and there is no default value on that resource.

  • When there’s no default value of the resource.

  • When there’s missing translations. ApkAnalyer will then collect all the language information from the resource file (resources.arsc), and use it to verify the resources one by one. A report will then be generated, showing all the resources that are missing some language configurations.



To verify your resources, click Resource > Verify xml resources. All you need to do is to provide the screen pixel density (dpi) of your targeting device. “ldpi”, “mdpi”, “hdpi” or “xhdpi” can be selected in the sub menu, and if the application is not a specific DPI build, “nodpi” could be selected.

Bytecode modifications
Another good use for ApkAnalyser is the ability to create a set of bytecode modifications, which could be applied to the APK file in a batch. This automatically adds printouts of suspicious pieces of code, to support you in investigating the execution flow of the application.
You can do this by using any of the two quick samples below. You can choose to apply them on some packages, classes or even the whole APK. The first sample will print all the input parameters of a method in the ApiDemo application from Android SDK.


  • In the targeted APK’s tree, navigate “com.example.android.apis.graphics” > “FingerPaint$MyView”, right click “touch_move(float x, float y)” and apply “Print method entry(with params)”. This will append the following output to the logcat when the method is being invoked:




com.example.android.apis.graphics.FingerPaint$MyView:touch_move(float x, float y)void(0,102)
parameter[0]: float x = 155.0
parameter[1]: float y = 290.0


The second sample will show how we get the return value of a method.


  • In the targeted APK’s tree, navigate “com.example.android.apis.graphics” > “FingerPaint$MyView” and right click “onTouchEvent(android.view.MotionEvent event) boolean“ and apply “Print method exit(with return value)”. This will append the following output to the logcat when the method returns:



< com.example.android.apis.graphics.FingerPaint$MyView:onTouchEvent(android.view.MotionEvent event)boolean(10,137)
return: boolean = true

More than twenty types of modifications to create different sets of bytecode are supported. To find out more about these, a complete tutorial is available on the APKAnalyser GitHub wiki page.

0 comments:

Post a Comment

 
Top