Debugging Broken APKs

Sometimes you will have trouble getting something done with androguard. This is usually the case when an APK uses edge cases or deliberately tries to break parsers, which is not uncommon for malware.

Please feel free to open a bug report in such cases, so the error can be fixed. But before you do, try to gather some more information about the APK. Sometimes it is not only androguard that fails to decode the file; the official tools fail as well!

It is also always interesting to know whether such a broken file can still be installed on an Android system. If you would like to test this, fire up an emulator and try to run the APK there.

AXML Parser / AndroidManifest.xml

Many errors happen in the parsing of the AndroidManifest.xml.

There are two official tools you can use to decode the AndroidManifest.xml:

  1. aapt2
  2. apkanalyzer

Both are available in the Android SDK. While aapt2 can only decode the structure of the file, apkanalyzer can output actual XML:

Both outputs are actually useful, as aapt2 can provide much more detailed information about the format than apkanalyzer does.

Broken ZIP files

As you might know, APK files are actually just ZIP files. You can test the zip file integrity using the ZIP command itself:

If there are any errors, such as a wrong CRC32, they are reported here. Other ZIP implementations have similar tools to check ZIP files.
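The same per-entry CRC32 check can be done with Python's standard zipfile module. This is an added example, not part of the androguard documentation; the helper names and the in-memory sample archive are constructed for illustration.

```python
import io
import zipfile
import zlib


def build_sample_apk() -> bytes:
    """Constructed sample: a tiny stored (uncompressed) ZIP standing in for an APK."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_STORED) as zf:
        zf.writestr("AndroidManifest.xml", b"<manifest package='com.example.sample'/>")
        zf.writestr("classes.dex", b"dex\n035\x00" + b"\x00" * 32)
    return buf.getvalue()


def flip_payload_byte(data: bytes, marker: bytes, offset: int) -> bytes:
    """Invert one byte at `offset` past `marker` to simulate a damaged entry."""
    i = data.index(marker) + offset
    return data[:i] + bytes([data[i] ^ 0xFF]) + data[i + 1:]


def check_apk_zip(data: bytes) -> list[str]:
    """Return one message per problem; an empty list means every entry passed.

    Unlike ZipFile.testzip(), which stops at the first bad entry, this reads
    every entry to the end so each CRC32 mismatch is reported separately.
    """
    problems = []
    try:
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            for info in zf.infolist():
                try:
                    with zf.open(info) as fh:
                        while fh.read(65536):  # CRC32 is verified at end of entry
                            pass
                except (zipfile.BadZipFile, zlib.error,
                        NotImplementedError, RuntimeError) as exc:
                    # Bad CRC, corrupt deflate stream, unsupported method, encryption
                    problems.append(f"{info.filename}: {exc}")
    except zipfile.BadZipFile as exc:
        # Central directory missing or unreadable (for example a truncated file)
        problems.append(f"archive: {exc}")
    return problems


if __name__ == "__main__":
    good = build_sample_apk()
    for label, blob in [("intact", good),
                        ("corrupted", flip_payload_byte(good, b"dex\n035", 10)),
                        ("truncated", good[:20])]:
        print(label, check_apk_zip(blob) or "OK")
```

To check a real file, pass its bytes, for example `check_apk_zip(open(path, "rb").read())`. Note that Python's parser may accept or reject archives differently from Android's installer, so a clean result here does not prove the APK is installable.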

Verifying the APK Signature

You can check the signature of the file using apksigner from the Android SDK: