Tutorial3
This tutorial shows how to get all the values and call stacks when a field is being written. In this case, we use FingerPaint in the ApiDemos app from the Android SDK samples to show how to get the values when someone modifies "private float mX, mY;" in the MyView class. (It is more useful to get this kind of info on public fields. Anyway, it's just an example.)
- Create an Eclipse project for ApiDemos (sdk\samples\android-7\ApiDemos)
- Build it and get the apk file in the bin folder, e.g. sdk\samples\android-7\ApiDemos\bin\ApiDemos.apk
- Because we are using the sample app from the SDK, we just use the corresponding android.jar to resolve the class path, e.g. sdk\platforms\android-7\android.jar
- Launch ApkAnalyser
- File->Settings
  Configure ADB executable path in ApkAnalyser, e.g. C:\android-sdk-windows\tools\adb.exe
- File->Set path
  Add android.jar, the file you get from Step 2
  Add ApiDemos.apk, the file you get from Step 1
- File->Analyse...
Now you can perform any Dalvik bytecode injections you want.
In this case, we just need injections for the field accesses on "private float mX, mY;" in the MyView inner class of the FingerPaint class, so the injection to use is "Print writing this field".
- Right click "FingerPaint$MyView" class -> Examine class
- Note: this step is not necessary for the modification.
  You may look up the accesses of that field now: Right click "private float mX;" -> Find Field accesses
  Double-clicking an entry links directly to the bytecode accessing the field
- Right click "private float mX;" -> Print writing this field
- Right click "private float mY;" -> Print writing this field
- Click "Close" to close the "Examine class" window
- Modification->Perform bytecode modification
  Now there should be a summary of all the modified classes and the new APK file
- Prepare the phone: start the emulator or connect your device via USB cable.
  Make sure your phone is the only device connected to ADB (you can check with "adb devices"), because ApkAnalyser supports only one device; see Trouble Shooting
- Click "Install and run"; the modified app will be installed and launched automatically.
- In this case, just launch "API Demos" -> "Graphics" -> "FingerPaint"
- Click the "S" button in the Console to remove all output except our logs (tag "APKANALYSER")
- You may touch the screen to see the logs, here is a snapshot
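
A command-line version of the single-device check and the tag filter from the last steps, as an added example (not part of ApkAnalyser or the original tutorial). It assumes `adb` is on the PATH or passed as the first argument; the function names and the sample `adb devices` output are constructed for illustration, and treating an attached device in any state other than `device` as a problem is this example's assumption.

```python
import subprocess
import sys

TAG = "APKANALYSER"  # log tag named in the tutorial

# Constructed sample of `adb devices` output, used for offline testing.
SAMPLE_ADB_DEVICES = """\
* daemon started successfully *
List of devices attached
emulator-5554\tdevice
0123456789ABCDEF\tunauthorized
"""


def parse_adb_devices(output):
    """Return (serial, state) pairs from `adb devices` output."""
    devices = []
    for line in output.splitlines():
        line = line.strip()
        # Skip blanks, the header and adb daemon start-up chatter.
        if not line or line.startswith("*") or line.startswith("List of devices"):
            continue
        parts = line.split()
        if len(parts) >= 2:
            devices.append((parts[0], parts[1]))
    return devices


def single_device_problem(devices):
    """Return None if exactly one usable device is attached, else a reason."""
    if len(devices) != 1:
        return "expected exactly 1 attached device, found %d" % len(devices)
    serial, state = devices[0]
    if state != "device":
        return "%s is in state '%s', not 'device'" % (serial, state)
    return None


def main(adb="adb"):
    out = subprocess.run([adb, "devices"], capture_output=True, text=True, check=True).stdout
    problem = single_device_problem(parse_adb_devices(out))
    if problem:
        sys.exit("not ready for 'Install and run': " + problem)
    # -s silences every tag except the ones listed, like the Console's "S" button.
    subprocess.run([adb, "logcat", "-s", TAG])


if __name__ == "__main__":
    main(*sys.argv[1:2])
```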