By system apps, I'm referring to things like settings.apk, framework-res.apk etc.
As of now, most of my issues are coming from "duplicate" strings such as
<string name="photoPickerNotFoundText" product="tablet" msgid="6247290728908599701">"У пристрої немає доступних зображень."</string>
<string name="photoPickerNotFoundText" product="default" msgid="431331662154342581">"У телефоні немає доступних зображень."</string>
There are two strings with the same name, but for a different product, which causes an error when building gradle. Is there any way to fix that?
I remember reading somewhere about a similar question for building settings.apk, but I can't seem to find it anymore. As a final note, I was just wondering if it was possible to build these apps on a pc, rather than on a linux system with linaro.
Thanks!
You need to change the PackageName.NO other way.
Related
I'm using Xamarin to develop android app. As I know, it hasn't supported android app bundle. So I would like to know if there is any way to generate an Android App Bundle - aab file from the apk via terminal? Or any other good way to process ?
No, the APK itself doesn't have enough information for the bundletool to create a bundle (AAB). It can work the other way round - to create an APK from a bundle.
If you want to create a bundle by hand, you will need to do a lot of stuff by hand, including resource handling, code compilation etc. You can find more information about how to do that in the official documentation.
answer given by Deeep Dip is right, but he might not be able to explain it properly (step-by-step). Also the tool "apktoaabconverter.com" he mentioned below was paid (at the time I'm answering the question).
I followed his manual steps and came out with a simplest solution which is using the telegram platform.
Actually I found some bots there simply by searching for "APK to AAB" in the Global search bar. This bots on their side are using the same procedure #deeep-div was trying to explain (Found out via logs attached with .aab).
Direct links to the telegram bots:
http://t.me/apktoaabbot (Used to be busy a lot)
http://t.me/apktoaab_bot (This one I used to convert my .apk to .aab)
NOTE: You may need wait around 30 minutes after sending your .apk file. Time could vary as per the load on bot servers.
I've tried a number of searches but can't find anything applicable, it may be because I'm just not asking the right question! So please feel free to redirect me if this has been covered elsewhere.
I'm new to Android and to development, but have an idea to use an Application to check other simple apps on the device for potential security holes (this is to design a prototype as part of a course of study).
Before I go any further, is it feasible to use an application to check through/parse/inspect the source code of another app, searching for instances of text/commands/permissions etc (similar to a grep in Linux for example)? Any starting points would be greatly appreciated, things like inter-app communication, converting code into text, searching through that text and reporting and the like.
I think the key might be using an app to inspect a Manifest file of another for permissions settings etc. I've learnt that Dalvik compiled code has big differences to the original Android 'Java'. Is it even possible to use an app to read the Manifest file of another app?
If u use Android Studio try 'code inspect' , 'code analyze'.
This question already has answers here:
Best way to have paid and free version of an Android app [closed]
(9 answers)
Closed 9 years ago.
I am building an android application and I want to split it into two versions, Pro and Free.
The pro app will be the complete ad-free, and the free will be limited and with ads.
The base of the business logic of the two apps will be the same... So I don't think that is correct to "write the code" twice.
Handling same code in two projects can be very annoying for bug fixing and code improvements.
Is there any way to do it with one project?
Shared-preference for example is not good solution for this because many people have root access so they can change it very easily.
Firstly Hello,
As far as I've heard or seen, two versions of the same app (Free and Pro) should be two distinct projects. You could, but should NOT, use the same app and just check for a flag saved in the Prefs, but root users can override that (as you already stated).
You could also use Google's in App purchase to verify this as the other answer states. In my opinion you should not use the same project and check for a flag because it's bound to create some overhead, especially if you check using the Internet. If the user has a slow or unreliable network connection his experience will suffer.
The "clean" way to do it is to make two distinct apps like everyone else does: users can install the free app, or the pro app. This is ideal because you have two distinct options for users and if they want the pro version they don't need to get the free one and then see the option unlock in the menu. It's just way more straightforward for users.
I recommend you build the pro app first and after it is completed derive the free version by restricting functionality and including adds because it's easier to strip it down than to add-in. After you finish the pro version, just click on:
File -> New -> Project (pop up menu appears) -> select Android folder -> select "Android Project from Existing Code" -> select your App and click Finish
The drawback is that if you spot a bug you must fix it in both projects. If you want to optimize finding bugs, you could build the free version, put it on the market and fix the bugs reported by the end-users as well as the ones you spot. After you consider everything to be fine, you can create the pro version from the existing code and carry on with that.
ps: I realize I filled this whole page, but this is my first answer here and it seems I'm overenthusiastic :-)
How about using Google's in App purchase? This way the Google server manages the PRO/Trial detail. The only con is that your app needs to have internet access for validation purpose :)
I'm sorry if this solution seems a bit raw, but...
Why not have a hard-coded flag in your code... some static variable in some class saying something like:
public static final boolean isFreeVersion = true/false;
Then, in any place where you want to decide whether or not to show adds, simply reference this boolean.
You'll still need to build your app twice and publish it to the store twice (under different app signatures), once with the boolean as true, and once as false. But at least the code base will be the same. This way, if you find a bug, you can fix it, and just publish the same app twice with only switching the boolean value.
I'm pretty sure you could even find an ant script to change the value of the boolean for you during a build.
I have been searching around this site and google for a couple of hours now, and I can't find anything about this. Maybe because I use the wrong search terms, I don't know.
I am making an Application List for an App of mine, and for the most part this is easy enough. My problem is that when I come across an updated system application, I need to get information about the original package file (The one in /system/app rather than the updated one in /data/app), information like version and file name.
Now, I could extract this as root from /data/system/packages.xml, but I thought that there might be a better native solution using PackageManager like with the rest of the application list?
This question already has answers here:
I lost my .keystore file?
(12 answers)
Closed 9 years ago.
Based on my android keystore I created some apps. now, I want to update one of my programs but I lost my keystore. can I generate another one and update my app?
Thanks
You can create a new keystore, but the Android Market wont allow you to upload the apk as an update - worse still, if you try uploading the apk as a new app it will not allow it either as it knows there is a 'different' version of the same apk already in the market even if you delete your previous version from the market
Do your absolute best to find that keystore!!
When you find it, email it to yourself so you have a copy on your gmail that you can go and get in the case you loose it from your hard drive!
No, there is no chance to do that. You just learned how important a backup can be.
Brute Force is the only way!
Here is a script that helped me out:
https://code.google.com/p/android-keystore-password-recover/wiki/HowTo
Using a list of 5-10 possible words from memory, it recovered my password in <1 sec.
As everyone has said, you definitely need the key. There's no workaround for that. However, you might be surprised at how good the data recovery software can be, and how long the key may linger on your systems -- it's a tiny, tiny file, after all, and may not yet be overwritten. I was pleasantly surprised on both counts.
I develop on an OSX machine. I unintentionally deleted my app key around 6 weeks ago. When I tried to update, I realized my schoolboy error. I tried all the recovery tools I could find for OSX, but none could find the file -- not because it wasn't there, but because these tools are optimized to find the sorts of files the majority of users want back (photos, Word docs, etc.). They're definitely not looking for a 1KB file with an unusual file signature.
Now this next part is going to sound like a plug, but it isn't -- I don't have any connection to the developers:
The only recover tool I found that worked was one called Data Rescue by Prosoft Engineering (which I believe works for other files systems as well -- not just HFS+). It worked because it has a feature which allows you to train it to look for any file type -- even an Android key. You give it several examples. (I generated a few keys, filling in the data fields in as like manner as possible to the original). You then tell it to "deep search". If you're lucky, you'll get your key back in the "custom files" section.
For me, it was a life saver.
It's $100 to purchase, so it's not cheap, but it's worth it if you've got a mass of users and no further means of feeding them updates.
I believe they allow you 1 free file recovery in demo mode, but, unfortunately, in my case, I had several keys and could not tell which one was the one I needed without recovering them all (file names are not preserved on HFS+).
Try it first in demo mode, you may get lucky and be able to recover the key without paying anything.
May this message help someone. It's a sickening feeling, I know, but there may be relief.
If you lost a keystore file, don't create/update the new one with another set of value. First do the thorough search. Because it will overwrite the old one, so it will not match to your previous apk.
If you use eclipse most probably it will store in default path. For MAC (eclipse) it will be in your elispse installation path something like:
/Applications/eclipse/Eclipse.app/Contents/MacOS/
then your keystore file without any extension. You need root privilege to access this path (file).
I want to refine this a little bit because down-votes indicate to me that people don't understand that these suggestions are like "last hope" approach for someone who got into the state described in the question.
Check your console input history and/or ant scripts you have been using if you have them. Keep in mind that the console history will not be saved if you were promoted for password but if you entered it within for example signing command you can find it.
You mentioned you have a zip with a password in which your certificate file is stored, you could try just brute force opening that with many tools available.
People will say "Yea but what if you used strong password, you should bla,bla,bla..." Unfortunately in that case tough-luck. But people are people and they sometimes use simple passwords.
For you any tool that can provide dictionary attacks in which you can enter your own words and set them to some passwords you suspect might help you. Also if password is short enough with today CPUs even regular brute force guessing might work since your zip file does not have any limitation on number of guesses so you will not get blocked as if you tried to brute force some account on a website.