Skip to content

Instantly share code, notes, and snippets.

@nstarke
Last active May 19, 2024 12:58
Show Gist options
  • Save nstarke/615ca3603fdded8aee47fab6f4917826 to your computer and use it in GitHub Desktop.
Save nstarke/615ca3603fdded8aee47fab6f4917826 to your computer and use it in GitHub Desktop.
How to make a Release Android App debuggable

How to make a Release Android App debuggable

Let's say you want to access the application shared preferences in /data/data/com.mypackage.
You could try to run adb shell and then run-as com.mypackage ( or adb shell run-as com.mypackge ls /data/data/com.mypackage/shared_prefs), but on a production release app downloaded from an app store you're most likely to see:

run-as: Package 'com.mypackage' is not debuggable

While ADB's adb backup command will pull many of the files from the application's data directory, the files can be inconsistent with what is actually on the device. If you want to see what is actually on the device, you need to make the application debuggable.

For this task, we'll need apktool ( http://ibotpeaches.github.io/Apktool/ ). Once you have it setup, you'll need to find the path to the APK to pull it off the device. Run:

$ adb shell pm list packages -f -3

Find the package in the list (it should look something like /data/app/com.mypackage.apk=com.mypackage), and pull it off the device:

$ adb pull /data/app/com.mypackage.apk

Next, we need to disassemble the apk using apktool:

$ apktool d -o output-dir com.mypackage.apk

In output-dir, find AndroidManifest.xml and open it up in the text editor of your choice. In the application xml node, add the following xml attribute:

android:debuggable="true"

Now we need to reassemble the application. We do this by running:

$ apktool b -o com.mypackge.apk output-dir

Finally, we need to resign the APK so that the device will accept it:

$ keytool -genkey -v -keystore resign.keystore -alias alias_name -keyalg RSA -keysize 2048 -validity 10000
$ jarsigner -verbose -sigalg SHA1withRSA -digestalg SHA1 -keystore resign.keystore com.mypackage.apk alias_name

That's it! You should now be able to transfer the new com.mypackage.apk back to the device and run it. Now you should be able to run adb shell run-as ls /data/data/com.mypackage/ without getting the debuggable error.

@olejorgenb
Copy link

olejorgenb commented Aug 22, 2017

Thanks for finding info on this! Can you still access pre-existing data after the re-signing? I thought that resigning the app would give a new data folder or something.

@rpatterson
Copy link

This doesn't work for me, it fails with:

Failed to install ...: Failure [INSTALL_FAILED_UPDATE_INCOMPATIBLE: Package ... signatures do not match the previously installed version; ignoring!]

FYI, I also wrapped this up in a script to make testing easier:

#!/bin/sh
# Make an android app debugabble and reinstall

set -ex

DNAME="CN=Ross Patterson, OU=me, O=rpatterson.net, L=San Francisco, ST=CA, C=US"
PACKAGE_RE='^package:(/data/app/([^-]+)-.+==/(.+.apk))=.+'
MANIFEST_RE='(<application [^>]+)>'

export PATH=$HOME/Android/Sdk/platform-tools:$PATH

app="$1"
storepasswd=$(pwgen 16 1)

package_listing=$(adb shell pm list packages -f -3 | grep "$app")
apk_path=$(echo "$package_listing" | sed -En "s|$PACKAGE_RE|\1|p")
package_name=$(echo "$package_listing" | sed -En "s|$PACKAGE_RE|\2|p")
apk_basename=$(echo "$package_listing" | sed -En "s|$PACKAGE_RE|\3|p")

adb pull "$apk_path" "$package_name.apk"
apktool d -f -o "$package_name" "$package_name.apk"

mv "$package_name/AndroidManifest.xml" "$package_name/AndroidManifest.bak.xml"
sed -E "s|$MANIFEST_RE|\1 android:debuggable=\"true\">|" \
    "$package_name/AndroidManifest.bak.xml" > "$package_name/AndroidManifest.xml"

apktool b -o "$package_name.apk" "$package_name"

keytool -genkey -v \
        -keystore "$package_name.keystore" -storepass "$storepasswd" \
        -alias "${app}_debuggable" -keyalg RSA -keysize 2048 -validity 10000 \
        -dname "$DNAME"
jarsigner -verbose -sigalg SHA1withRSA -digestalg SHA1 \
          -keystore "$package_name.keystore" -storepass "$storepasswd" \
          "$package_name.apk" "${app}_debuggable"

adb shell cmd package uninstall -k "$package_name"
adb install -r "$package_name.apk"

@mavaddat
Copy link

I am also getting this error.

Failed to install .\com.mypackge.apk: Failure [INSTALL_FAILED_UPDATE_INCOMPATIBLE: Package com.amazon.kindle signatures do not match the previously installed version; ignoring!]

@trueleowdeo
Copy link

@rpatterson and @mavaddat, remember to uninstall the original apk!! Your modified apk is signed with a new certificate, so you cant try to install it as an update to the genuine signed original release apk. Uninstall this original apk and try again, it should work

@don1001
Copy link

don1001 commented Apr 17, 2018

I follow your steps but get an error

jarsigner: unrecognized option '-sigalg'
jarsigner: Try 'jarsigner -help' for more information

after

jarsigner -verbose -sigalg SHA1withRSA -digestalg SHA1 -keystore resign.keystore com.mypackage.apk alias_name

@moshuchao
Copy link

can not open jar file

@moshuchao
Copy link

can not open jar file

@liujian883
Copy link

hi, I download an apk from web ,then I use apktool to unpack to a output dir, i modified the AndroidManifest.xml. but at last step,
i got the same error as moshuchao. the jarsigner print can not open jar file:com.mypackage.apk message
how to fix it. thx!

@askarsyzdykov
Copy link

@liujian883 in these scripts there are typo com.mypackAge.apk vs com.mypackge.apk

@rbondoc96
Copy link

Hi there! I came across this while trying to find a way to make a release apk debuggable when I don't have access to the source code. This was really helpful and I was able to make it work! I did run into an issue while installing the rebuilt apk that I was able to solve, so I thought I'd share here in case someone else runs into a similar issue.

When I got to installing the re-built apk, I got this error

Performing Streamed Install
adb: failed to install Debuggable.apk: Failure [INSTALL_FAILED_INVALID_APK: Failed to extract native libraries, res=-2]

To solve this, all I had to do was set the following <application> attribute to "true" in AndroidManifest.xml (since it was initially "false"):

android:extractNativeLibs="true" 

Then I rebuilt & re-signed the apk, and it installed successfully 🙂

@korjaa
Copy link

korjaa commented Aug 29, 2021

My packing errors were fixed with this cleanup(?) command.

apktool empty-framework-dir
# followed by
apktool d
apktool b

@julKali
Copy link

julKali commented Sep 29, 2021

I made a python3 script to achieve exactly this without any dependencies other than apksigner which is always needed when modifying an APK. No apktool or additional packages required!
https://github.com/julkali/makedebuggable

@korjaa
Copy link

korjaa commented Oct 1, 2021

Thanks for the makedebuggable, it solved my issue! I had some success with apktool, but soon as I tried to launch the application it would crash. I had no such issues with this tool.

I had to manually sign the output with below, as there was some mismatch with the Ubuntu shipped apksigner (different cli args?).

python3 makeDebuggable.py apk com.mypackage.apk com.mypackage.debug.apk resign.keystore alias_name
apksigner sign --ks resign.keystore com.mypackage.debug.apk

@julKali
Copy link

julKali commented Oct 3, 2021

Thanks for the makedebuggable, it solved my issue! I had some success with apktool, but soon as I tried to launch the application it would crash. I had no such issues with this tool.

I had to manually sign the output with below, as there was some mismatch with the Ubuntu shipped apksigner (different cli args?).

python3 makeDebuggable.py apk com.mypackage.apk com.mypackage.debug.apk resign.keystore alias_name
apksigner sign --ks resign.keystore com.mypackage.debug.apk

Could you please post the version and the error that apksigner returned to stdout (if this is shown)? You can also edit your post, to not clutter this thread too much. Would be a great help! I am using version 0.9

@korjaa
Copy link

korjaa commented Oct 3, 2021

I'll create an issue to your repository, that should keep things tidy and readable.

@luihum
Copy link

luihum commented Mar 3, 2022

For a split APK do I need to set all APKs that are going to be installed as debuggable?

@Spark-Cybel
Copy link

Spark-Cybel commented Mar 15, 2022

Am facing an issue while I am recompiling the apk again
As
output-dir/res/xml/locales_config.xml:3: error: Error parsing XML: unbound prefix

locales_config.xml

<?xml version="1.0" encoding="utf-8"?>
<locale-config>
    <locale android:name="ca" />
    <locale android:name="da" />
    <locale android:name="fa" />
    .
    .
    .
    <locale android:name="zh-TW" />
</locale-config>

https://stackoverflow.com/questions/71267862

@olalonde
Copy link

olalonde commented Mar 3, 2023

When installing I get:

adb: failed to install com.mypackage.apk: Failure [-124: Failed parse during installPackageLI: Targeting R+ (version 30 and above) requires the resources.arsc of installed APKs to be stored uncompressed and aligned on a 4-byte boundary]

Edit:

Works by using this command instead of jarsigner:

apksigner sign --ks resign.keystore --ks-pass pass:somepassword myapp.apk

@Arinerron
Copy link

What if the jar file is one that you cannot uninstall? Is there an easy way to just change the package path so it doesn't error?

@amahdy
Copy link

amahdy commented Jul 16, 2023

After spending the night on this, I've compiled all errors, findings, and workarounds here: https://gist.github.com/amahdy/87041554f62e384bee5766a958fd4f9a

Unfortunately I still did not achieve what I was aiming for (which is linking the new apk with the old data), the only solution would be root but I'm still avoiding it for now.

@kdrkdrkdr
Copy link

This script can make app debuggable!

apk_name=com.example
apk_location=$(adb shell pm list packages -f -3 | grep $apk_name | sed 's/.*:\(.*\).apk.*/\1/').apk
adb pull $apk_location original.apk
keytool -genkey -v -keystore resign.keystore -storepass androiddbg -alias androiddbg -dname "CN=Android Debug,O=Android,C=US"
python make_debuggable.py apk original.apk patched.apk resign.keystore androiddbg
adb uninstall $apk_name
adb install patched.apk

Push file example!

tmp="/data/local/tmp"
adb push /home/Desktop/a.txt $tmp
adb shell run-as com.example cp $tmp $dst

Pull file example!

app="com.example"
adb -d shell "run-as $app cat /data/user/0/$app/file.txt" > file.txt

@RomanDorofeyev
Copy link

apksigner sign --ks resign.keystore --ks-pass pass:somepassword myapp.apk

Thanks, that helps!

@Shmuel930
Copy link

Did everything, the app is signed and I can install it.
But it crashes at the moment I start it.
Any idea why?

@julKali
Copy link

julKali commented Dec 20, 2023

Did everything, the app is signed and I can install it. But it crashes at the moment I start it. Any idea why?

@Shmuel930 I cobbled up a script that often works better, have you tried using it? Unlike apktool it doesn't decompile (and recompile) the whole Manifest, so it tends to be more robust against obfuscation and anti-debugging measures.

https://github.com/julkali/makedebuggable

@Shmuel930
Copy link

Did everything, the app is signed and I can install it. But it crashes at the moment I start it. Any idea why?

@Shmuel930 I cobbled up a script that often works better, have you tried using it? Unlike apktool it doesn't decompile (and recompile) the whole Manifest, so it tends to be more robust against obfuscation and anti-debugging measures.

https://github.com/julkali/makedebuggable

Hey, yea I've used it as well, same results

@Strengthless
Copy link

Got the INSTALL_PARSE_FAILED_RESOURCES_ARSC_COMPRESSED error upon installation.

It seems that jarsigner no longer works for SDK 30+.

Switched to using apksigner, and things worked perfectly.

apksigner sign -v --ks resign.keystore com.mypackage.apk

@julKali
Copy link

julKali commented Mar 14, 2024

Did everything, the app is signed and I can install it. But it crashes at the moment I start it. Any idea why?

@Shmuel930 I cobbled up a script that often works better, have you tried using it? Unlike apktool it doesn't decompile (and recompile) the whole Manifest, so it tends to be more robust against obfuscation and anti-debugging measures.
https://github.com/julkali/makedebuggable

Hey, yea I've used it as well, same results

If you haven't solved it yet, would you mind opening an issue on my repo, (or apktool's and linking it here), I would be interested in finding the problem.

@mickael28
Copy link

@nstarke @julKali , I followed the apktool script and manage to create a debuggable APK of Need For Speed (trying to copy the save date in a new Android 12), the problem I have though is that when launching the app on the phone, it just doesn't work.

It gives and error and just say: try later or quit.

Do you know why that could be?

@ttsiodras
Copy link

Just wanted to thank you - this worked perfectly for me to set an app on my Quest 1 as debuggable.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment