Proguard retrace isnt mapping the stack trace to the actual source - android

I have been using the eclipse built in proguard tool to obsucate the code, which Works fine. However when I try to retrace the stack trace of the obfuscated code, retrace doesn't output an un-obfuscated stacktrace.
I have double check the mapping.txt to sure that i am using the right one.
here is my stack trace
ERROR/AndroidRuntime(19398):
FATAL EXCEPTION: Thread-35
ERROR/AndroidRuntime(19398): java.lang.NullPointerException
ERROR/AndroidRuntime(19398): at android.graphics.Canvas.throwIfRecycled(Canvas.java:954)
ERROR/AndroidRuntime(19398): at android.graphics.Canvas.drawBitmap(Canvas.java:980)
ERROR/AndroidRuntime(19398): at com.excelectronic.b.aa.a(ProGuard:535)
ERROR/AndroidRuntime(19398): at com.excelectronic.g.f.a(ProGuard:220)
ERROR/AndroidRuntime(19398): at com.excelectronic.game.GameView.a(ProGuard:198)
ERROR/AndroidRuntime(19398): at com.excelectronic.game.GameView.onDraw(ProGuard:98)
ERROR/AndroidRuntime(19398): at com.excelectronic.game.ac.run(ProGuard:121)
and using the command
retrace.bat -verbose mapping.txt obfuscated_trace.txt

ProGuard's ReTrace tool by default expects the stack traces to be nicely formatted, the way they are printed out by java. This means that it expects line breaks in the proper places and no prefixes like "ERROR/AndroidRuntime(19398)".
Alternatively, you can modify the regular expression that ReTrace uses for parsing the stack traces.

Use traceview to extract the original Java stack trace before using ReTrace.

Related

Android log deobfuscation/retrace

I need some help with Android log file deobfuscation .
The problem is that if I have an exception like:
...
10-16 10:03:10.488: E/AndroidRuntime(25723): Caused by: java.lang.NullPointerException
10-16 10:03:10.488: E/AndroidRuntime(25723): at proguard.test.a.a(Unknown Source)
...
the retrace return original log but if I paste to log function name and line like:
...
10-16 10:03:10.480: I/ghghghg(25723): Crash in function [proguard.test.a.a() Line : -1 ]
...
the retrace doesn't deofescates that log line.
I know that there is an -regex parameter to retrace command but I can't find any explanation or sample. The Proguard retrace manual is unavailable on http://proguard.sourceforge.net/manual/retrace/usage.html.
How can I configure the retrace to deobfuscate custom lines in log?
The ProGuard manual (online, and also included in the ProGuard distribution) contains an example. It uses java.util.regex syntax with some additional wildcards for class names, etc.
You can try recat. It's a python script based on logcat-color, made exactly for this scenario, on-the-fly logcat deobfuscation (doesn't work on Windows though).

Proguard Retrace not working with stacktrace runtime info like E/AndroidRuntime(10237):

I need to remove lines from my proguard.trace file like E/AndroidRuntime(10237): in order for retrace to work. Basically I am looking at log file and need to remove this lines or retrace does not work. Am I missing something or do I need to do this for every stacktrace? Basically its the information before that appears at the beginning of a stacktrace line like
E/AndroidRuntime(10237): at com.test.a.b.c(UnnownSource) :134
Here is the whole stacktrace:
E/AndroidRuntime(10237): FATAL EXCEPTION: main
E/AndroidRuntime(10237): java.lang.ArithmeticException: divide by zero
E/AndroidRuntime(10237): at ub.a(SourceFile:180)
E/AndroidRuntime(10237): at wp.getView(SourceFile:290)
E/AndroidRuntime(10237): at android.app.ActivityThread.main(ActivityThread.java:4627)
E/AndroidRuntime(10237): at java.lang.reflect.Method.invokeNative(Native Method)
E/AndroidRuntime(10237): at java.lang.reflect.Method.invoke(Method.java:521)
E/AndroidRuntime(10237): at com.android.internal.os.ZygoteInit$MethodAndArgsCaller.run(ZygoteInit.java:858)
E/AndroidRuntime(10237): at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:616)
E/AndroidRuntime(10237): at dalvik.system.NativeStart.main(Native Method)
etc
E/ ( 2623): Dumpstate > /data/log/dumpstate_app_error
So I am running ./retrace.sh mapping.txt proguard.retrace the contents of which is above. It will not retrace unless I remove E/AndroidRuntime(10237):
Am I missing some options to retrace. How do trace files need to be prepared for this to work? I don't think its the mapping file because it works after I remove the first part of the line.
Proguard wants each "at" on a separate line, and only with white space before it. If it sees anything but white space before the at, it will not unobfuscate it.
Recent versions of ReTrace can parse stack traces with the logcat prefixes like "E/AndroidRuntime(10237):", so it should no longer be a problem.
If you have a stack trace format that ReTrace can't parse, you can always specify your own regular expression with the option -regex.
Try recat. It's a python script based on logcat-color, made exactly for this scenario, on-the-fly logcat deobfuscation (doesn't work on Windows though).
The main idea is that it deobfuscates each part of the log (tags/messages) separately.

Proguard retrace.sh stack

I am struggling to understand debug information supplied by retrace.sh on my Android app. Why does it show 2 methods?
at java.lang.Thread.run(Thread.java:1027) Caused by: java.lang.NullPointerException
at com.mytaxicontrol.MyTaxiControlActivity$calctarif.java.lang.Void doInBackground$10299ca()(Unknown Source)
void nexttariflimit(boolean,boolean)
boolean newtaximoved(int,com.mytaxicontrol.MyTaxiControlActivity$nTW)
at com.mytaxicontrol.MyTaxiControlActivity$calctarif.java.lang.Object doInBackground(java.lang.Object[])(Unknown Source)
For lack of line numbers in the stack trace, ReTrace can't determine the original methods unambiguously, so it prints out all possible alternatives.
Cfr. ProGuard manual > ReTrace manual > Examples
Cfr. ProGuard manual > Examples > Producing useful obfuscated stack traces

howto in eclipse debug the Proguard obfuscated apk file

I got a crash in my app after using Proguard and signing and exporting with a new key.
The same code works in normal eclipse debug mode.
I read everywhere i should use the mapping.txt to find the code that failed.
But how to do that, I have google this for 2 hour now and no answer is working.
Im now signing the apk file with the debug.keystore and using the default password "android".
Someone say i should android:debuggable="false" in my application tag to make
Proguard obfuscate my debug session in eclipse.
Is this right?
Any help would be grate
on the Proguard Android Developer page I cannot find a way to do this
"When your obfuscated code outputs a stack trace, the method names are obfuscated, which makes debugging ha"
What "stack trace" and from where?
On the page Proguard Manual I cannot find an explanation
You can de-obfuscate the stack trace most easily using the Proguard GUI. You'll find this with your Android SDK.
sdk\tools\proguard\bin\proguardgui.bat
Run the GUI above from the path above.
Click the 'ReTrace' button at the bottom of the panel on the left.
Add the path to your Mapping File (mapping.txt) in the 'Mapping file' text box.
Paste a copy of your stack trace in the 'Obfuscated stack trace' text box.
Click 'ReTrace' in the bottom right.
Happy Debugging!
Not within Eclipse.
Outside of Eclipse, use Retrace function within ProGuard. You'll also need the dumped stacktrace and mapping.txt found under your project's proguard directory to reverse the obfuscated stacktrace. Remember to save a copy of mapping.txt (preferably outside of your project's workspace) each time you deploy a new version of your Android app.
Been looking into this, the documentation for proguard on the android developer site demonstrates how to decode a stack trace, but it does not specify how to get the stack trace.
http://developer.android.com/guide/developing/tools/proguard.html (see section Decoding Obfuscated Stack Traces)
I tried to use a logcat dump as follows:-
E/AndroidRuntime(14584): FATAL EXCEPTION: main
E/AndroidRuntime(14584): java.lang.ExceptionInInitializerError
E/AndroidRuntime(14584): at com.a.a.b.a.dg.<init>(Unknown Source)
E/AndroidRuntime(14584): at com.a.a.b.a.q.a(Unknown Source)
E/AndroidRuntime(14584): at com.a.a.b.a.y.a(Unknown Source)
E/AndroidRuntime(14584): at com.a.a.b.a.y.a(Unknown Source)
E/AndroidRuntime(14584): at com.a.a.b.a.aq.get(Unknown Source)
E/AndroidRuntime(14584): at com.a.a.b.cp.a(Unknown Source)
E/AndroidRuntime(14584): at com.a.a.b.ai.c(Unknown Source)
E/AndroidRuntime(14584): at com.a.a.b.bg.a(Unknown Source)
E/AndroidRuntime(14584): at com.a.a.a.o.a(Unknown Source)
E/AndroidRuntime(14584): at com.a.a.b.ee.a(Unknown Source)
E/AndroidRuntime(14584): at com.a.a.b.ag.a(Unknown Source)
E/AndroidRuntime(14584): at com.a.a.b.cb.a(Unknown Source)
Unfortunately this does not work, but it does work if I remove the E/AndroidRuntime(14584) from the beginning of each line it does work:
FATAL EXCEPTION: main
java.lang.ExceptionInInitializerError
at com.a.a.b.a.dg.<init>(Unknown Source)
at com.a.a.b.a.q.a(Unknown Source)
at com.a.a.b.a.y.a(Unknown Source)
at com.a.a.b.a.y.a(Unknown Source)
at com.a.a.b.a.aq.get(Unknown Source)
at com.a.a.b.cp.a(Unknown Source)
at com.a.a.b.ai.c(Unknown Source)
at com.a.a.b.bg.a(Unknown Source)
at com.a.a.a.o.a(Unknown Source)
at com.a.a.b.ee.a(Unknown Source)
at com.a.a.b.ag.a(Unknown Source)
at com.a.a.b.cb.a(Unknown Source)
So as the documentation states you need a stack trace file, and there appears to be no indication of getting a valid stack trace file from the device.
The only way I have seen this done is by providing a custom exception handler and writing the stack trace to the sdcard.
For mac user use bellow code to run the
/Users/XYZ/Library/Android/sdk/tools/proguard/bin/proguardgui.sh
Run the GUI above from the path above.
Click the 'ReTrace' button at the bottom of the panel on the left.
Add the path to your Mapping File (mapping.txt) in the 'Mapping
file' text box.
Paste a copy of your stack trace in the 'Obfuscated stack trace'
text box. Click
'ReTrace' in the bottom right.
Happy Debugging!
Steps to get obfuscated apk:
Download latest proguard from proguard site. Current latest version is proguard4.7
Replace "bin" and "lib" folder of C:\Program Files (x86)\Android\android-sdk\tools\proguard with latest downloaded proguard folders.
Check SDK location in eclipse for blank spaces in it and for that go to Window > Preferences > Android. If there is blank space then replace it with:
c:\Progra~2\android\android-sdk (for windows 64-bit)
c:\Progra~1\android\android-sdk (for windows 32-bit)
Check that proguard.cfg file is in your project's root folder and add proguard.config=proguard.cfg in project.properties file of android project.
Now export your project to get obfuscated apk.

Obfuscated apk code crash log

I'am working with a large android project,very large,and we obfuscate our code when we release our apk to market,now the trouble is:
when our application crashed,actually,our application would post the crash log to our service,but the crash log make no mean,because we have obfuscated it already,we got infomation like this:a(),b(Unknown Source),c()....
so,how to deal with it?how to geting a readable crash log in obfuscate apk?Thanks!
When you obfuscate your code, a file called mapping.txt is generated. This file describes the mapping between your original symbols and their obfuscated versions.
If you save this file for your public builds, you can use the retrace tool to deobfuscate any stack traces you receive from crashes, thereby making them useable for fixing bugs! You invoke the tool as follows:
retrace.sh -verbose mapping.txt obfuscated_trace.txt

Categories

Resources