TL;DR
Given an .apk file and its Manifest.xml decoded, is it possible to tell which libraries/(ad-)modules it ships bundled with – and if so, how?
Detailed question
I've checked with the Manifest specifications and saw the <uses-library /> element – but that's for shared libraries the app expects to be present on the device it shall be installed onto, and thus (AFAICT) not of relevance in this context. I've also checked several "example Manifest.xml files" to see what I would find (and yes, if one knows what to look for, one can e.g. identify AdMob by its declared <activity />). But except from "guess-work", I was unable to figure an "structured approach" valid for (mostly) all cases one might encounter in the real-world.
So what I'm looking for is to write a script which I can pass an .apk file to, and which then spits out a list of libraries and ad-modules used. I'm not asking you to provide me with that script (though I definitely wouldn't reject if offered that; I wouldn't be surprised to hear someone has done that already) – but rather for the core point of what the "identifiers" would be. General approaches are of course welcome as well. If that includes other calls to e.g. aapt, that's of course OK. And if I'm on the completely wrong track, and that information has to be looked for at another place, I'd definitely like to hear those details, too :)
In case it's relevant (e.g. for other "external tools" needed), I'm working on Linux – so Windows tools wouldn't do.
AndroidManifest file has nothing to do with libraries which used in app. And I don't think that there is a way to get list of used libraries, except to check decompiled code and try to match it by package name. But in case if that code obfuscated with Proguard, I think your goal is almost unreachable.
Related
the problem is, i use OP5T, and none of any 8.0/8.1 stock custom rom does support 18:9 scaling feature like in OOS, this feature named as "Full Screen Apps" under app category.
after a few googling, i came up with these method:
1.) add/inject/force this into manifest file of every installed app. or maybe doing some workaround with the packagemanager
meta-data android:name="android.max_aspect" android:value="2.1"
2.) playing inside AOSP source code, parsePackage method.
frameworks/base/core/java/android/content/pm/PackageParser.java.
i know nothing of creating xposed module, but before starting my journey, is it possible to do the first method with xposed?
after seeing module like Xinstaller, App Settings, and XAspect. i thought it may be possible with xposed to approach this.
really appreciate every kind of help, thanks before
Xposed Framework can do this!
Xposed cannot edit manifest xml files directly, but it can indeed do the way 2.) you proposed:
Xposed Framework can "hook" any method to execute arbitray code before/after/replace that method. You are indeed on the right track, and PackageParser.java seems like the right class : I'm not so sure about the parsePackage() method though - a glance at AOSP seems to suggest that perhaps the method parseMetaData() might be a better candidate to hook?
Some background on Xposed -
You will need Java to create any Xposed modules. Android itself is based on (primarily) Java, so you will need Java knowledge to make Xposed modules.
As for Tutorials, Rovo89 (the creator of Xposed) has a simple tutorial here at https://github.com/rovo89/XposedBridge/wiki/Development-tutorial. This tutorial is almost completely upto-date, and you can use this to create your first module.
You will find another detailed tutorial here - https://forum.xda-developers.com/showthread.php?t=2709324. Keep in mind that this link is very old, so wherever there are any conflicts, go by Rovo89's tutorial.
I've tried a number of searches but can't find anything applicable, it may be because I'm just not asking the right question! So please feel free to redirect me if this has been covered elsewhere.
I'm new to Android and to development, but have an idea to use an Application to check other simple apps on the device for potential security holes (this is to design a prototype as part of a course of study).
Before I go any further, is it feasible to use an application to check through/parse/inspect the source code of another app, searching for instances of text/commands/permissions etc (similar to a grep in Linux for example)? Any starting points would be greatly appreciated, things like inter-app communication, converting code into text, searching through that text and reporting and the like.
I think the key might be using an app to inspect a Manifest file of another for permissions settings etc. I've learnt that Dalvik compiled code has big differences to the original Android 'Java'. Is it even possible to use an app to read the Manifest file of another app?
If u use Android Studio try 'code inspect' , 'code analyze'.
I'm trying to install Kik Messenger twice. I have two accounts and don't like to log out because I lose all of my conversation history. I'm currently using Titanium backup's profile feature, which is a very nice fix, but it's still a pain having to switch back and forth between profiles. I might be looking for "perfect" when perfect doesn't exist. I am completely new to modding apks and Android in general, all of my work on this so far has been "trial and error". Anyways, here's what I have:
I have the Google Play version of Kik installed on my phone. I have extracted that app and modified the package name successfully using apktool. However, when I try to install, I get an error saying something about duplicate provider authority. So I did some research and learned that I'm supposed to edit this part of the AndroidManifest. So I have played around with that a little bit and after I change the authorities, I am able to install the modded app. However, it crashes immediately.
Does anyone know how to fix this problem with the provider/authorities?
The issue you're hitting is that the app has registered certain classes to handle particular events. These need to be unique across all installed apps and point to existing classes in the app that will perform some activity with the supplied information.
You bypassed the safety check when installing by changing the defined handlers in the Manifest but that didn't really fix it as they still need to actually point to a valid, working class that can handle the requests/events.
You would need to decompile, rename the classes involved and all references made to them and recompile the whole app to really fix the problem. However, I'd assume that it would likely be against the license. If the code is open source then it wouldn't be too big a task to rename some classes & packages then build the app. If it's closed source then it is a harder task.
What you can do is either set up your device to use multiple accounts (the OS not the app) as each user has a separate data storage and preference location that should allow you to have two configurations. Or you can request that the developers include some sort of multiple account handling or easy account swap feature.
I have task to modify android gingerbread launcher (2.3). I want to download launcher's sources and add some functionality. I have found sources here:
android Gingerbread launcher sources
I download this and import into workspace as is. As a result I get numerous compile errors (some classes are missing, instance variables are missing, etc). Why? I mean why wouldn't it compile? What should I do to make it compile?
P.S. By the way, when project is imported, used platform as per project settings is not 2.3, so I have to manually set it to 2.3. However, numerous errors still remain.
To convert an AOSP application into a standalone SDK application, you will need to find all the "classes and variable not present in the SDK" and remove/replace the references to them. The simplest is to remove the references to them, if the app will still run with reduced functionality. For references to internal resources, you can simply copy those to your project and modify the R values to point to your local copy. You are welcome to examine the "classes and variable not present in the SDK" and determine that you can copy those as well (refactoring them into a new package), in which case you would update your project to refer to the copied and refactored classes.
The easier solution would be to use someone's source where they already did that..Here found one at
Launcher2 full compilable Ginngerbread lancher code
Have a look at here.
It is the Launcher2 from ICS, not GB, but they are very similar.
From Wiki: Note that it is not completely bug free, and adding widgets will crash the app (as it uses a system level permission. Maybe if you installed via root it'll work).
Here's a list of what all I had to do, that I can recall doing:
There are lots of methods like setFastXXX (for example, setFastAlpha()) that aren't available to us. Changing these to setXXX (for example, 'setAlpha()`) worked for me.
Some thing which are available to us via getSystemService() are initialized directly in the code, like the usage of the Vibrator class. These need to be changed to use getSystemService().
Might seem a pleonasm the 'Title' but I wrote it to emphasize the issue.
I have an application running on an Android device, using the 2.2 Froyo library. The application has to (1) install - if not already installed - then (2) launch an .apk file already present in the data/data/myapp/files/ folder.
Knowing Java I would have used a shell execution of the above operations. But Android is also a separate namespace, therefore I would like to know how to do the sequence install + launch of the .apk file.
To note that, while I'm using Eclipse/Ubuntu now, the implementation should take into account ONLY the Android OS APIs, not my dev environment available tools.
Thanks
You do not launch an apk file. An apk file can be thought of as a container holding some number of activities, services, receivers, among other constructs. It's likely you mean you want to launch an activity (which is performed using the startActivity() method from the Context class, or one of its many subclasses) but by no means is that a certainty.
It would seem from your question that you need to learn quite a bit about Android before continuing on the path suggested by your question, because the question you've posted is really too vague to be answered in a reasonable manner for stackoverflow.