Related
Okay, I'm writing this because I want to help any other newbies trying to learn how to reverse engineer. The technical details involved in this are extremely daunting, so the purpose of this tutorial is to first explain in layman terms exactly what you're trying to accomplish and what to expect. Then we'll go over the details. That way you're not completely blind going into this. I'm fairly new to the scene, so I'm not as knowledgeable as everyone else. If you see any errors in my post, let me know so I can change. I'm going to assume you know a little bit of Java, can find your way around a computer, and know nothing about Android. The techniques used should work with other Android phones. For this tutorial I'm using Windows 7, Cygwin, and my stock (not rooted) EVO 4G mobile phone.
The FM tuner for the Evo is run by a Broadcom chip: BCM4329. This chip is pretty amazing in that it does wireless, bluetooth, and it has an FM receiver/transmitter. We're interested in the FM receiver / transmitter.
Now, all android phones are based on a Linux kernel. Basically they're Linux running computers. The Android operating system is then installed onto the linux system. Every app is then run off of Android.
Android is based on Java but it is not a Java system. It uses a virtual machine called Dalvik. Google did this to get around licensing issues with Sun Microsystems. So they pretty much invented their own machine language (called byte code) for the Java language. This makes things complicated for the reverse engineer because from what I've read, once Java is converted into this machine language or byte code, it can't be converted back.
So let's rehash.
If you were programming strictly in Java, you would see these extensions:
Java source code = .java
Compiled Java source code = Java byte code = .class
Compressed file to package your program = .jar (Java Archive)
But since you're programming in Android and Dalvik, you will see these:
Java source code = .java
Compiled Java source code = Dalvik byte code = .dex
Compressed file to package your program = .apk
(I haven't mentioned this, but HTC further Optimizes their .dex code)
Optimized Dalvik byte code = .odex
I'm writing all of these down because it's very easy to get confused with all of the extensions. (for me at least!). remember how I said once you go dex, you can't go back to java? That's where JesusFreke comes in. He's a senior member of XDA, and he created "baksmali" and "smali", two programs that can convert the Dalvik code back into a human readable format. These files have extensions of .smali
Decompiled Dalvik byte code = .smali
But what can you do with .smali files? That's where this other senior member, brut.all comes in: He developed apktool. apktool takes JesusFreke's work to the next level. This program in conjunction with NetBeans, actually lets you trace through any program using the .smali code taken from JesusFreke's programs!
apktool does this by converting those .smali files into "fake" .java files that can be used by the NetBeans (program that compiles and makes java programs) IDE. I say "fake" because apktool embeds the .smali code into java files as comments. However, once you attach a debugger to NetBeans, you'll see that the debugger will follow line by line every execution statement found in the smali code!
So...... you can take the program you want, plug it into Net Beans using a debugger (using the default ddms command provided by Android SDK), and you can trace everything you do in the program. I have it connected to my phone, so whenever I push a button while running my HTC FMRadio app or unplug my headphones,I see the corresponding response to the HTCFMRadio code I have loaded in NetBeans. I can now see in real-time how the program operates from my own interactions... JAM.
Technical Aspects: How to get from ground zero to tracing HTCFMRadio?
1.) Download Android SDK - Go to google development site and follow instructions: Make sure to download the latest Java JDK. Once that is installed, download NetBeans 6.8. Unfortunately, smali debugging does not work with the lastest versions of NetBeans.
Download the "Java SE" version for minimal space
http://netbeans.org/downloads/6.8/index.html
You can follow the rest of Google walkthrough and download Eclipse and ADT plugin, but it's not pertinent to this. You're going to be using adb and ddms from the android SDK extensively, so make sure the path for </android SDK/tools> is included in the PATH variable in your ENVIRONMENT SETTINGS. To get here, right click My computer, click properties, Advanced Settings, ENVIRONMENT SETTINGS.
2.) Search for 7z and download it. It is an awesome and free compression tool that will be extremely useful. It can be used to "unzip" .jar, .apk, and other compressed formats.
3.) Get the Radio app. You can do this by going to "shipped-roms" website, downloading the latest Supersonic image, and following the directions in the unlockr tutorial for HTC kitchens at the unlockr website... (once you have extracted the files from the image, you can look in the system/app and system/framework directories to get the files listed below) or:
you can pull the following files from your phone:
Using the command prompt type (and with phone plugged in, and with USB debugging enabled on phone):
adb pull /system/app/HtcFMRadio.odex
adb pull /system/app/HtcFMRadio.apk
adb pull /system/framework ./framework
This will put HtcFMRadio.odex and HtcFMRadio.apk in the current directory and create a framework directory with more files. A couple of the files in the framework are needed for the HtcFMRadio app, but for simplicity, we're just going to pull the whole directory.
Now that we have the files, we have to make a few changes to make the app installable and to be viewable by the debugger. To do this we have to decompile the .odex format into a human readable format we can edit. That brings us to:
3.) Download baksmali and smali from Project Hosting on Google Code (google search smali).
Usually an Android application is made up of one file, an apk file. Inside the apk file is an AndroidManifest.xml file, a classes.dex file (compiled Java code for the program), and other folders. The other folders contain either graphics or other .xml files that tell the program how it should look to the user. We don't have to worry about those for now. This is important because APKTOOL only opens programs set up this way. But wait up? We didn't download one .apk file, we downloaded an .apk file and an .odex file! What gives? Well, if you right click the apk file and open it (using 7z), you'll see that it's missing the classes.dex file. The dex file for the app is actually the HtcFMRadio.odex file we downloaded. So, to make this system app more like a nominal app, we have to find a way to convert the HtcFMRadio.odex to a classes.dex file. That's easy with baksmali and smali!
Once you download goto command prompt and type:
java -jar baksmali-<version>.jar -d framework -x HtcFMRadio.odex
(Remember to match baksmali-<version>.jar with the filename of baksmali you downloaded)
If done correctly, you should see a newly created \out directory
This creates an out\com\htc\fm directory with many .smali files.
Now let's reverse the process and put it back as a dex file. Type at command prompt:
java -jar smali-<version>.jar out -o classes.dex
If done correctly you'll see a newly created classes.dex.
now, right click on HtcFMRadio.apk (select 7z and open). Drag classes.dex into the file. Say yes to the prompt. Now you have a normal apk file APKTOOL can read!
4.) Download APKTOOL from Project Hosting on Google Code and the helper apps for your OS. (If you're extracting files for windows OS you should have apktool.bat and aapt.exe). Extract (again using 7z, don't you love this program?) apktool.jar (keep it as a jar file, don't extract the stuff inside of it), apktool.bat, and aapt.exe to the directory you're working on. To make things neat, you can also delete HtcFMRadio.odex (you don't need it anymore) and classes.dex (make sure you put it in the HtcFMRadio.apk file first!)
If this is the first time you're using apktool, then you have to install the htc framework so apktool can baksmali the Radio app. You only have to do this once:
apktool if ./framework/com.htc.resources.apk
Alright, at the command prompt:
apktool d -d HtcFMRadio.apk
This extracts the contents of HtcFMRadio.apk and places them in the HtcFMRadio directory. However, there are two major differences between this content and the content created in step 3. If you go into the smali directory you'll see that instead of .smali files, you'll see .java files. And if you go back and edit the AndroidManifest.xml file, you will also see that it's in text! Android applications convert their xml files to binary format. Now that APKTOOL has converted everything to an IDE friendly format, we can use NetBeans to edit everything. The first thing we're going to do is edit AndroidManifest.xml (using notepad) and add the following:
android:debuggable="true" to the Application tag.
IT should now look like this:
<application android:theme="@android:style/Theme.Black.NoTitleBar" android:label="@string/fm_app_name" android:icon="@drawable/fm_radio" android:taskAffinity="android.task.fmradio" android:description="@string/htc_corp" android:allowTaskReparenting="true" android:debuggable="true">
This permission lets the debugger watch the program while it's running on the phone.
We are going to run into two problems if we try to install this program. One is that Android doesn't let you install more than one copy of a system app. The second issue is that if we change the signature of our system app, then we'll have to change the signatures of our other system apps as well! Ahh.... So, to get around that, we're going to trick Android into thinking we have a completely new program. We're going to do that by renaming the com.htc.fm class to com.htc.modradio class. Next step:
5.) Cygwin (or Linux virtual machine)
The easiest way that I can think of to replace strings in multiple files is by using linux. You can most definitely do it in WIndows, but I dont know how. If you let me know how, I can put it in this tutorial.
(update: you can use Notepad++ to easily find/replace strings in multiple files for Windows. You still, however, want to download Cygwin if you're going to develop with Android-NDK.)
For now, just search for Cygwin (Cygwin is a program that lets you run Linux commands from a command prompt using your Windows directories), and install it. Make sure to have the Perl option selected. You'll need Perl to make the following commands work.
Once you get Cygwin up and running
cd <to your HtcFMRadio directory>
in my case it's
cd /cygdrive/c/Users/Jerry/Desktop/HtcFMRadio
now type the following commands in this order:
this command changes all occurances of htc/fm to htc/modradio in your xml and .java files.
find ./ -type f | xargs perl -pi -e 's/htc\/fm/htc\/modradio/g'
this command changes all occurances of htc.fm to htc.modradio
find ./ -type f | xargs perl -pi -e 's/htc.fm/htc.modradio/g'
If you don't follow this order, your source code will get messed up.
If using cygwin, a bunch of .bak files will be created. Using windows search, find all .bak files in your HtcFMRadio directory, then select them all and delete them (Make sure they are only files with .bak!)
Now just rename the fm directory to modradio. It is located in HtcFMRadio/smali/com/htc
Now go to your windows command prompt and type:
apktool b -d .\HtcFMRadio modradio.apk
Now sign and install modradio.apk on your phone.
adb install modradio.apk
If you have never signed before, then you need to use keytool and jarsigner. These two files are in your JDK directory, so make sure you include your JDK directory in the PATH variable of your ENVIRONMENT SETTINGS. (To get here, right click on My Computer, click Properties, Advanced Settings, Environment Variables. Once you make change, open up a new COMMAND prompt to see changes).
cd to the directory which has modradio.apk
now type:
keytool -genkeypair
Answer all questions, then use the same password for all password prompts.
Next type:
jarsigner -verbose modradio.apk mykey
Type in the password you created in the above step. Your apk should now be signed.
Next install:
adb install modradio.apk
Success!
6.) Testing the app on phone
Go to your phone and you'll now see a new FMRadio icon next to your first. Click on it and watch it open. It should now be able to play music. Keep it open.
7.) Using Netbeans
Go into HtcFMRadio and delete the build directory created by APKTOOL.
Now open up Net Beans and click on File, New Project, Select Java Project with Existing Sources, click on Next
Select HtcFMRadio directory for Project Folder, rename Project Name to whatever you want. Let's type in ModRadio. click on Next
Next to "Source Package Folders" click on "Add Folder" and select the smali directory.
Click Finish. For a quick tutorial by Brut.all, search APKTOOL in youtube and click on: Apktool Demo 2 - Smali improvements
Right click on Libraries. Click on "Add Jar / Folder". You want to add Android.Jar. Since I have Android 2.1 loaded I went to /platforms/android-7 located in my android SDK directory.
Your project is now ready for editting!
8.) Running the Debugger to trace through program.
Next go back to Windows command prompt and type ddms. This runs the Dalvik Debug Monitor. A window should open up. In the left hand side you should see com.htc.modradio. That's our app! To the right you're going to see 2 numbers, you're interested in the one to the right, 4 cells away from com.htc.modradio. This number is a port number, and you're going to use it to communicate with NetBeans. (In my case it is 8603)
Go back to NetBeans and click on Debug, Attach Debugger.
In the host field type: localhost
In the Port field: type in the second number you saw. (8603)
If everything is working you'll see a bug appear next to com.htc.modradio in the Dalvik Debug Monitor. Look at the bottom bar of NetBeans for feedback. If you get errors make sure the numbers match, or try port 8700 and make sure you select com.htc.modradio in the Dalvik Debug Monitor. Port 8700 is the default port used for whatever program you select in Dalvik Debug Monitor.
9.) Setting a breakpoint
I'm making this a seperate step because it is completely arbitrary. When creating a break point be sure to follow this rule:
You must select line with some instruction, you can't set breakpoint on lines starting with ".", ":" or "#".
Rather than looking for a spot to breakpoint, though, I'll tell you where to put one so you can quickly see how the debugger traces through the code. You aren't "REQUIRED" to do the next step, but if you want to trace you have to put a breakpoint somewhere.
In Net Beans click on the Project tab, click on Source Packages, com.htc.modradio, and then doubleclick on BroadcomFMTuner.java
We're going to insert a breakpoint. Scroll down to line 3226 and on your keyboard press: CTRL-SHIFT-F8, select line in dropdown box and hit ok. (To keep it simple, I usually look for "invoke" instructions to set breakpoints at)
Now go to your phone and click on the physical "back" button on your phone. This will clear the radio,(you should still be able to listen to music). Drag your status bar down. You should see a radio icon. Click on it again. The radio backgroudn will appear, but you wont' see any text or anything. Now go back to your netbeans application. You should now see debug options highlighted! Click on Step Over (F8) to step through!
nice tutorial
Nice tutor! I'm glad that finally someone is interested in smali debugging feature ;-)
About package name changing: I must warn you, that this isn't always that easy. It's advanced task, you must understand, what are you doing - otherwise you will get FCs for some apps and you won't know, why. And you don't have to change Java classes package name, so actually changing com.example.android should be enough - there is no need for changing com/example/android and dir names.
And I have few words about the background/theory: dexes, smali, (de)compiling, etc., but I will write them tomorrow
So I don't have to change the directory names for all of the invokes? Which means I don't have to rename the directory either? That sounds much easier. So you're saying to only replace the name in the application tag in the AndroidManifest.xml file?
Wow I'm a noob
Your badass tutorial just made me realize how much further I have to go. Great work!
BTW, if someone could figure how to make use of the FM transmitter and create an FM modulation app I think that could be popular. Not everyone has cars with input jacks and I know I really could of made use of it for my vacation I just took.
Once you understand how the software interacts with the Broadcom chip it shouldn't take too much should it? I would envision something working just like wifi tether does. No need to turn on the radio, the app just takes control.
Cool! Thanks! Will this work with eclipse also?
oikjdfkrjhr said:
Cool! Thanks! Will this work with eclipse also?
Click to expand...
Click to collapse
According to Brut.all, no.
"Google smali debugging - you'll find an article written by Brut.all"
Eclipse can open the files, but certain workarounds have to be done to get the same tracing to work.
A FM Transmitter that is able to transmit audio to a receiver without any addition cords hardware etc would IMO make the EVO 4G Un-Stoppable!!! I'll donate to support the dev/s in this effort
Will this get FM Radio working on any android phone with that broadcom chip?
Wow, great tutorial. I was looking for the hitch-hackers guide to my new galaxy and I think I found it. Cheers
Thanks this is great. I almost got it 100% working. But there's one problem. I'm debugging some other apk. And I can't set any breakpoints because, since the apktool made fake java files, all the code is comments, so there's no place to set any breakpoints since there's no real executable code!
Help how to get around this?
At the beginning of a class I tried to add something like... int a=0; while keeping the same amount of lines... just before comment start...
Code:
package com.example.app; class MainActivity {
int a = 0; /*
.class public Lcom/example/app/MainActivity;
.super Landroid/app/Activity;
.source "MainActivity.java"
and put a breakpoint there, but it still says its not an executable location.
Any ideas? This is cool and I'm so close with your great tutorial. Thanks!
oikjdfkrjhr said:
Thanks this is great. I almost got it 100% working. But there's one problem. I'm debugging some other apk. And I can't set any breakpoints because, since the apktool made fake java files, all the code is comments, so there's no place to set any breakpoints since there's no real executable code!
Click to expand...
Click to collapse
http://code.google.com/p/android-apktool/wiki/SmaliDebugging
I tried to use Eclipse, but seems it forbids to add breakpoint on unknown (commented out) line :-/ I workarounded this and added breakpoint, then I was able to debug normally, but you should treat apktool debuging as unworkable on Eclipse - at least until someone will find some solution.
Click to expand...
Click to collapse
And actually midnjerry said this to you just few posts above.
neomagik said:
Will this get FM Radio working on any android phone with that broadcom chip?
Click to expand...
Click to collapse
Unfortunately not.
Refer to IntersectRaven's posts regarding enabling the FM Tuner for the Nexus One. He needed to create drivers for a custom Linux kernel to be used with a Desire ROM.
Smali debugging is important, however, because it allows developers to learn the code that implements the "undocumented" hardware for their phone (in this case, HTC phones with a working FM Radio app).
oikjdfkrjhr said:
Thanks this is great. I almost got it 100% working. But there's one problem. I'm debugging some other apk. And I can't set any breakpoints because, since the apktool made fake java files, all the code is comments, so there's no place to set any breakpoints since there's no real executable code!
Help how to get around this?
At the beginning of a class I tried to add something like... int a=0; while keeping the same amount of lines... just before comment start...
Code:
package com.example.app; class MainActivity {
int a = 0; /*
.class public Lcom/example/app/MainActivity;
.super Landroid/app/Activity;
.source "MainActivity.java"
and put a breakpoint there, but it still says its not an executable location.
Any ideas? This is cool and I'm so close with your great tutorial. Thanks!
Click to expand...
Click to collapse
if you're using NetBeans, just keep trying to insert breakpoints at every "invoke" type statement.
A really interesting thread. Thanks for sharing your knowledge with us. A topic like this should have its own Forum like ‘Android Engineering Tutorial’. We need more tutorials like this one!
Bluetooth Driver Files released by HTC!
Just went to
http://developer.htc.com/
Bluetooth driver files released! We should be able to better control the radio now.
Any progress? I'll donate to the first person who gets an app to broadcast my music to my radio.
Sent from my HTC EVO using XDA App
@midnjerry,
sorry if this is way off topic, but it does deal with the fundamental aspects that you have established here.
Can I use this method to reverse engineer the Google Voice app, so that I can have the same program installed twice for my two different Google voice accounts?
I just want to name the application something else, so that I can install it twice with two different sign in names.
reekotubbs said:
@midnjerry,
sorry if this is way off topic, but it does deal with the fundamental aspects that you have established here.
Can I use this method to reverse engineer the Google Voice app, so that I can have the same program installed twice for my two different Google voice accounts?
I just want to name the application something else, so that I can install it twice with two different sign in names.
Click to expand...
Click to collapse
Yeah, I think you can do that. Just change package name of an app to something else.
Brut.all said:
Yeah, I think you can do that. Just change package name of an app to something else.
Click to expand...
Click to collapse
@Brut.all
Can I do that in Eclipse or do I need to use need to use Smali Debugging? Just asking because I am not looking to debug the program only install it twice.
Debian for Desire.
If you are able to try this on another android device, please do as I will be very interested in the results.
Download
http://www.multiupload.com/79TSI1AAF9
You will need.
-Root access.
-Busybox (included in most custom roms)
-1.4gig free on SDCARD
-VNC Client (ie. AndroidVNC)
-Terminal Emulator (ie. ConnectBot)
-7zip
Instructions
-Extract the file deSIREbian.7z on your PC using 7zip.
-Copy the contents (debian.img and deboot) to root directory of SDCARD.
-On your phone in terminal emulator type
su
sh /sdcard/deboot
Click to expand...
Click to collapse
You should get a blank screen showing "localhost:/#" after a couple of seconds.
-On your phone in your VNC client log in using these details
Password - password
Port - 5901
Click to expand...
Click to collapse
Nickname and Address are not needed, call it what you want though.
Changing the colour to 24bit and enabling local mouse pointer and full screen bit map are not neccesary but reccomended.
-Thats it.
Notes.
-You can log in via ssh, (gives a much better terminal, ie works properly with aptitude). Use [email protected] and password "toor"
-The version of Debian is Armel Lenny, installed using debootstrap.
-It is just the base package with LXDE on top, you only get a desktop, a file browser, an internet browser, and a pic viewer.
-If you want more packages there's tonnes of room on the image. eg apt-get install openoffice.org or apt-get install abiword or apt-get install any flipping thing u want
-You can access the SDCARD from Debian at "root/sdcard" (read-write)
-You can access Debian filesystem from Android (When Debian is running) at "sdcard/debian" (read only)
-debian.img is mounted at "sdcard/debian" using "dev/block/loop5"
-So far the only rom i have come accross that this dont work with is one of the cyanogen nightlies from last week. apart from that, working on opendesire, cyanogen, defrost, leedroid, official 2.2 with busybox...
Issues.
Debian cannot be shut down. You need to reboot the phone to do this. (You can kill the VNC server with "vncserver -kill :1" there is an icon on the festoons to do this.)
Update log.
deSIREbain.
-First release.
deSIREbain2
Fixed
-Loading a second terminal no longer breaks vnc.
-You no longer need to create the folder debian on sdcard.
Added
-ssh server (login with root and toor)
Removed.
-The image has been downsized from 2 gig to 1.4
Hey,
thank you for your work, i will test it so far and will tell you the results
got this error:
Code:
# su
su
# sh /sdcard/deboot
sh /sdcard/deboot
mount: No such file or directory
mount: No such file or directory
mount: No such file or directory
mount: No such file or directory
mount: mounting /sdcard on /sdcard/debian/root/sdcard failed: No such file or di
rectory
net.ipv4.ip_forward = 1
chroot: can't change root directory to /sdcard/debian: No such file or directory
#
If you have the same problems try out
su
mkdir /sdcard/debian
losetup /dev/block/loop3 /sdcard/debian.img
mount -t ext2 /dev/block/loop3 /sdcard/debian
ls /sdcard/debian
thx to mercianary for help
greetings
I found this guide quite helpful at getting a bootstrapped Debian setup running.
http://www.saurik.com/id/10
I didn't need to insert the ext2 module as it's already loaded for me, I guess G1s didn't have that convenience back then.
blackstoneuser5 said:
I found this guide quite helpful at getting a bootstrapped Debian setup running.
www . saurik.com/id/10
I didn't need to insert the ext2 module as it's already loaded for me, I guess G1s didn't have that convenience back then.
Click to expand...
Click to collapse
I used parts of this for reference too. Its a great guide, explains things really well.
i've just updated this. link is in the first post.
Fixed
-Loading a second terminal no longer breaks vnc.
-You no longer need to create the folder debian on sdcard.
Added
-ssh server (login with root and toor)
Removed.
-The image has been downsized from 2 gig to 1.4
debian for desire--help please
hi
I spent much time for searching debian or ubuntu for desire, but nothin worked
know i found this and i have download everything and start to install over the terminal
but the " sh /sdcard/deboot" is not workin to
there's only this answer:
# su
su
# sh /sdcard/deboot
sh /sdcard/deboot
[: not found
losetup: not found
mount: No such file or directory
mount: No such file or directory
mount: No such file or directory
mount: No such file or directory
busybox: not found
sysctl: not found
chroot: not found
may somebody help me?
i really want to have it on the desire
thanks
It looks like you had not installed busybox
Which ROM do you use ?
oh i'm sorry
i'm a newbie and don't really know what a rom is
but i had problems with busybox and there was a somebody who said i can get the app titanium and let it install the busybox
could you please show me a tut how to install busybox
maybe a german tut
thanks
Getting error at: sh /sdcard/deboot
line 5: syntax error near unexpected token `else'
Rosi1337 said:
Getting error at: sh /sdcard/deboot
line 5: syntax error near unexpected token `else'
Click to expand...
Click to collapse
dont know why that happened.. works on mine. syntax looks ok to me.
try with this one (attatched), it's the same but without the bit that's not working for you.
what rom are you using, i shall try to replicate the error so I can try to fix properly.
thepuechen said:
could you please show me a tut how to install busybox
maybe a german tut
thanks
Click to expand...
Click to collapse
There should be a guide on installing busybox somewhere if you want to search for it, i know i remember seeing one a while ago.
Too be honest, your better off just flashing a rom that includes busybox, it would be MUCH easier.
have a look here and see what takes your fancy, I would recomend defrost, because it is stable and easy to overclock.
Thanks mercianary,
It works fine!,
I use customised DeFroST_0.9b_uvonly with USB-host patch.
By the way I would like to add more options to kernel line.
Where can I find like a menu.lst file ? or How to add it to kernel line.
There is no /dev/graphics/* in running Debian console.
I would like to use FrameBuffer on running Debian.
thanks,
Android VNC won't connect Trying to get a handshake, but then says that VNC connection failed
please paste at that time log
jacobtc said:
Android VNC won't connect Trying to get a handshake, but then says that VNC connection failed
Click to expand...
Click to collapse
Please paste at that time log.
Maybe vnc server does not running.
tknv said:
Thanks mercianary,
It works fine!,
I use customised DeFroST_0.9b_uvonly with USB-host patch.
By the way I would like to add more options to kernel line.
Where can I find like a menu.lst file ? or How to add it to kernel line.
There is no /dev/graphics/* in running Debian console.
I would like to use FrameBuffer on running Debian.
thanks,
Click to expand...
Click to collapse
You should understand that this is not a really booted native linux. Instead you are working in a chroot environment. So there is no kernel running that can get parameters. Only the the stock kernel of your DeFroST. Also there is no FrameBuffer as the graphic hardware ist not accessible. Instead this approach uses a vnc-server to which you can connect via a local viewer.
The advantage of this approach is clear:
- run almost any linux package available in the debian repository
- use your phone as before with the nice android
The disadvantage:
- no graphic output, so no 3D-games (which are rare under linux on the arm platform ;-)
- you can crash your android by eating up to much ram (not such a problem - it restarts on its own and if not you just have to reboot)
Thread is dead?
It seems this thread is dead. The problems many users seem to have come from a dirty setup. The image is broken in many terms:
- wrong file permissions on important binaries, like su
- wrong file permissions on many device files under /dev, so the ttys are only accessible by root
- wrong permissions on other places so there are always errors when installing additonal software (e.g. with the man pages)
- wrong setup that uses the root user for the desktop - instead an unprivileged user should be used
- missing packages for timezones and locales so the time is only right, if you are in a UTC region and console programs having trouble displaying anything else then plain english
I can not recommend using this setup image. It is better to use one of the instructions available online to get a clean setup.
Su doesn't work because your allready root.
Getting anything but root to work would be a real pain.
As you said its a chroot environment, its never going to be perfect.
The image was made using debootstrap just like all the other 'clean' ones.
Yep, it is broken as hell, but it works for what most people would need it for...make,gcc,python,a proper web browser,torrents, and some emergency word processing on the train to work.
The problem most people have is not being able to mount the image, this is due to fro-yo a2sd taking up all the loop devices.
Just thought I'd add my 2 cents.
I tried this on a MIUI rom and the scripy didnt do anything - ie i ran it using:
"# sh /sdcard/deboot"
.....and all it said was:
"#"
I entered all the lines in the shell script but the last one said it failed to launch VLC and no commands registered property (not even ls)
So i tried it on Defrost 5.1, and the script still didn't work.
But when i entered everything manually, it did work. Not too sure about the green theme though.
But thanks alot! Saves me spending a few hours trying to coax a working debootstrap out of my computer.
Thanks!
Josh.
mercianary said:
Su doesn't work because your allready root.
Click to expand...
Click to collapse
Nope. Actually su works only for root. It's missing the setuid root flag like all other binaries that should have it set.
mercianary said:
Getting anything but root to work would be a real pain.
Click to expand...
Click to collapse
Nope. I am always working as a normal, unprivileged user in my chroot. You just have to be in the proper groups. No need to work as root. Android works also with an unprivileged user.
mercianary said:
As you said its a chroot environment, its never going to be perfect.
The image was made using debootstrap just like all the other 'clean' ones.
Yep, it is broken as hell, but it works for what most people would need it for...make,gcc,python,a proper web browser,torrents, and some emergency word processing on the train to work.
Click to expand...
Click to collapse
This is what I do not understand. There is no need that it is broken, as mine works without any errors. So I think something went wrong in creating yours. For sure a chroot is no running OS but you can server almost any service with it and run anything you want (if your ram does not get exhausted ;-).
mercianary said:
The problem most people have is not being able to mount the image, this is due to fro-yo a2sd taking up all the loop devices.
Click to expand...
Click to collapse
Yes. Everyone with a good rom should have a2sd+ (aka the old a2sd) which saves more space than the froyo one and leaves your loop devices for you.
jo
Note: This Guide Is Specified For Android 4.0.# ICS, but also work with GingerBread.
Before we mod our Android Device, we need to set up a modding environment right?
1. Install JDK.
Search Download and install. The installation of JDK needs JRE (Simply if Java is installed into your computer)
2. Download APK Manager for ICS here
http://db.tt/tuhzSEEl. Extract it.
3. Install framework. Copy your phone's system/framework/framework-res.apk to 'other' folder inside APKManager folder. If there are any additional framework files, copy it into the folder too. More information will be given at the buttom of thr thread. Hold the Shift Key on keyboard amd right click the "other" folder inside APKManager folder and, click "Open CMD Window here". Type:
Code:
java -jar apktool.jar if framework-res.apk
And, if any additional framework files,
Code:
java -jar apktool.jar if *.apk
Replace * by your filename.
OK, delete all the framework apks from the "other" folder.
4. Copy the apk that you want to mod.
Most probably system/framework/framework-res.apk and system/app/SystemUI.apk to "APKManager/place-apk-here-for-modding".
Then, start modding apk processes.
1.When you decompile apk (not necessary for framework-res.apk) , copy the 3 files from "APKManager/other/Original Apktool/" to "APKManager/other/" , replaces the old files.
2. Open script.bat, enter 22 to select the current project (Enter the code of the apk you want to mod then press enter!)
3.Enter 9 Enter to start decompiling process. Do not close the SCRIPT window!
4. "APKManager/projects/*.apk/" here contains the decompiled apk.
5. Do your mod.
6. When you compiling any ICS System apks(unnecessary for normal GingerBread apks), copy the 3 files from "/other/ICS Apktool/" to "/other/", replaces the old files.
6. Return to the SCRIPT window. Enter 11 enter to start compiling apk.
7. NOTE: You [mustn't] sign the apk if it is a system apk. Only sign user apks.
8. Make a flashable zip for your apk.
9. Flash via CWM. (Must with a full nandroid backup before flashing anything!)
Reserved.
Reserved.
Nice tut mate!
Right for beginners like me
Short and has a point. Very good guide. :good:
Thanks friend for this tutorial
Gustavo RD78 said:
Thanks friend for this tutorial
Click to expand...
Click to collapse
papabubadio said:
Short and has a point. Very good guide. :good:
Click to expand...
Click to collapse
M90 said:
Nice tut mate!
Right for beginners like me
Click to expand...
Click to collapse
Thank you too!
Sent from my ST25i using xda premium
dont sign ?
thanks
Thank you!!!!
Greetings.
Enviado desde mi Motorola Atrix
x-dira said:
dont sign ?
thanks
Click to expand...
Click to collapse
You don't have to sign apks if the apk is a system apk.
Sent from my ST25i using xda premium
so, can i add CRT ANIMATION using this method??
j.r.j said:
so, can i add CRT ANIMATION using this method??
Click to expand...
Click to collapse
Good guide, but I think you need to expand on the point about making a flashable zip (unless the APK Manager does this - sorry don't use Windows)
Yes,
Go framework-res.apk/res/values/bools.xml
Change the value from TRUE to FALSE in the line like...
config_animateScreenLight
Great tut brov.... +1
to sign non-system apks:-
java -jar signapk.jar certificate.pem key.pk8 your-app.apk your-app-signed.apk
Example: java -jar signapk.jar certificate.pem key.pk8 ttpod.apk ttpod-signed.apk
danist727 said:
Yes,
Go framework-res.apk/res/values/bools.xml
Change the value from TRUE to FALSE in the line like...
config_animateScreenLight
Click to expand...
Click to collapse
ok, i found framework-res.apk/res but cant find the " values/ " path..
i attached my framework-res.apk
thx for replying
真的很谢谢你:silly:
[Hey guys Aditya here. After a month or so i'm posting tutorial and basic decompiling compiling using adb command!
THINGS YOU WILL NEED
ON WINDOWS PC
1) Winrar
2) 7zip
3) Java
4) Apktool and adb tools!!!!! (Many tools are available download anyone of them)
5) notepad+ AWESOME THING
ON UBUNTU
1) Java
2) Android SDK
3) APKTOOL ofcourse
Let's get started! I asume you using a Windows PC
First of all download and install JAVA
From here
Download Latest Apktool, extract to :
Windows XP : C:\Document and setting\folder your computer name
Windows 7 : C:\user\folder your computer name
copy your apk & framework-res.apk/SemcGenericUxpRes.apk/framework 2 to same folder with apktool
Now you can start Editing apk
Example Editing Walkman
Open Command Prompt (CMD)
TO DECOMPILE
Code:
java -jar apktool.jar if framework-res.apk
java -jar apktool.jar d semcmusic.apk ( can be whatever name you give to your apk )
Some apks need dependies like tw-framework.apk
Code:
java -jar apktool.jar if framework-res.apk
java -jar apktool.jar if semcgenericuxpres.apk
java -jar apktool.jar d your.apk ( can be whatever name you give to your apk )
Now you can edit what you like to. E.g. Res layout etc!
(For more detalis refer Post #3)
TO COMPILE
To compile back the edited apk
Code:
java -jar apktool.jar yourapkname.apk
For signing apk just drop the android manifest and meta inf of older apk or original apk!!!!!!
F.A.Q
A.I'm getting error while compiling apk??
Check if you have installed framework-res.apk most of compiling errors are becoz of this
B.Can apktool batch decompile and recompile apk's??
Yes,many of modded apk manegers or tools can batch decompile and recompile apk's!!
C.Can i MOD any system app using apk tool?
Yes it can mod all types of apk's just make sure you have correctly installed framework and all other dependices!!!!
D.My modded apk is not working! What should i do???
This question is mostly asked to me! Firstly check weather you have put the Meta-Inf from original APK as this folder contain signatures required for apk to get install.Secondly if you have modded some xml check its correct or some code or values are wrong.If any values or wrong code can lead us to FC or Bootloop..!!!
Using ADB and taking logcat!!!!!
USING ADB AND TAKING LOGCAT
What ia adb??
adb stands for Android Debugging Bridge
For what it is used for
adb is commonly used to pull,push,taking system dumpFOR TAKING LOGCAT
What you will need
On windows
1) Java (Hmmm not needed but u should have. )
2) adb tools by me http://d-h.st/vHJ
Now to make it easy first of all check you have enabled USB Debugging in phone its in Developer Options.
PROCDURE
Make a new folder in C Drive
Extract these tools into it (Asume you folder name is adb)
Now open cmd
Code:
type cd..
cd.. again
cd adb
adb
Now you have installed adb on your PC!
TAKING LOGCAT
Code:
adb logcat>logcat.txt
For only redio related log type
Code:
adb -r logcat>logcatr.txt
For only errors type
Code:
adb -v logcat>logcate.txt
Push and pulling apps from system!
Pushing Apps
Pushing app is installing app on its intenrnal memory!Its simple and doesn't need extra powers!
Code:
adb push yourappname.apk /system/app or /system/framework
Place the app in the adb folder
Pulling Apps
Pulling app is to take out your system apps or frameworks etc!
Code:
adb pull /system/app or /framework yourapp.apk
By this method you can take a system dump
Code:
adb pull /system
Understanding Logcats!!!!!
Some keyword's that represent's error'
Code:
"E/" - error
"E/dalvikvm" - possibly crucial system error
"No such file or directory" - says it all
"couldn't" - android likes that, mostly shows faulty things.
"fail"/"failed" - mostly crucial error
"W/"/"warning" - says it all, but not always warn could be a boot failure cause
"exception"(especially NullPointerException) - points you that something went wrong in framework or application work
These type of errors help us understand the error's and we can easily call out from these bugs or errors!!!
Most common errors occuring in an logcat!
"couldn't find native method", the most common reason of a bootloop.
This error causes most of bootloop problems!!!
For example
Code:
E/dalvikvm( 100): ERROR: couldn't find native method
E/dalvikvm( 100): Requested: Landroid/view/GLES20Canvas;.nStartTileRendering:(IIIII)V
E/JNIHelp ( 100): RegisterNatives failed for 'android/view/GLES20Canvas', aborting
As you can see! The main reson for this error is smali present in android/view of framework.jar called GLES20Canvas.smali
This happens while you are trying to port ROMS!!!!
Now if you are having bugs in other apkor jars how can u find ahem! i.e logcat gives us only the location of smali files and not the name of apk or jar! For that you have to study hole android code sources! Some common folders i have posted here!!
Code:
"com/android/server" - services.jar (there is the same folder at framework.jar but most likely you don't need to touch it).
another place we could be mixed up:
"com/android/internal" - framework.jar
"com/android/internal/policy/impl/" - android.policy.jar
for framework.jar path ends up on internal, which represents telephony folder. policy/impl is the only android.policy.jar folder.
Other frameworks are actually not used in port as they contain core android functionality which is common.
Simple MOD's
Now you guy's have idea about how to take a Logcat,use adb,use apktool.
NOW SOME REAL STUFF
MOD's Related to SystemUI.apk
We will start with simple MOD's! Like replacing icons and to some extend changing layout!
Now we will start will replacing icons inside the SystemUI.apk
First of all pull app from /system/app using adb Refer #2
Then copy that app to apktool folder! Type this cmd
Code:
java -jar apktool.jar d SystemUI.apk
Now go to out folder of SystemUI.apk!
Will find META-INF! RES! ANDROID.manifest
Now Navigate to res/drawable-hdpi as our device uses HPDI
You will find many icons now be carefull here! If youare expert n photoshop or any bitmap editor eit these icons! Or search it! Google it you will find many!
Replace these default icons by ur edited once or downloaded once!!
XML EDITING
Some XML's are not so complicated as other once! Some xml's have just true or false! Example
Code:
<bool name="config_hardwareAccelerated">true</bool>
This tells me that Hardware Acceleration is enabled you can disable it by replacing true by false! You just need to experiment around!
Smali Editing!
Coming soon!
Patching!
Coming soon :d
Changelog
CHANGELOG
1 July Monday 6.04pm -- Inital Editing
Old info but very usefull for noobs. Keep it up
:thumbup:
Hit thanks if you think I helped you.
Sent from LG Nexus 4
Thats really awesome keep it coming am a noob and I rly want to learn n b a part of z dev team
Sent from my GT-I9082 using xda app-developers app
For apk editing there are many 3rd party softwares which doesn't requires one to write such huge codes for signing and etc .
Kinda old method
Make.Believe
Razor! said:
For apk editing there are many 3rd party softwares which doesn't requires one to write such huge codes for signing and etc .
Kinda old method
Make.Believe
Click to expand...
Click to collapse
Yup . Like chotu tools
Sent from my GT-I9082 using xda premium
Hello and Welcome to AutoApk topic
#screenshot attached
This Auto tool will do all job for you and you can access it anywhere
lets get started
-----------------------------------------
requirement :
linux [ tested on ubuntu ]
jdk installed
------------------------------------------
installation :
Download the file from the link
extract the zip file
open terminal in the folder
or cd to the folder
then
copy and paste this line
Code:
sudo sh $PWD/install.sh
and enter your password and done
easy huh ?
lets complete the setup .
now copy your device framework-res.apk and put in a folder
open terminal there and select 1
install the framework
( if you have a touch wiz rom install tw framework too by using number 2 )
note :for editing system apps you need that rom frame work installed
now for last step you need to install update binary of your device
you can copy it too a folder
open terminal there and install it by selecting 4>1
you can install from a working flash zip file too just open terminal where the file is and 4>2 enter the name and wait
---------------------------------------------------
hows this tool works ?
lets see .
you have a apk on here :
Code:
/home/me/Desktop/folder/1.apk
you just go to the folder and right click and click open terminal here or manually cd to the folder containing the file
then in the terminal just write
autoapk
follow by a enter and done
you can choose what to do
here are the available commands :
1) Install-framework-res
2) Install-TWframework-res
3) Install-App
4) Install-Update-Binary ( For flashable zips )
5) Decompile
6) Compile
7) Compile+Sign
8) Compile+Sign+Flashable-zip
9) Flashable-zip
10) sign
11) Check-for-Update
12) Reload
13) Exit
-------------------------------------------------------
check for update is working but my server is not good :crying:
if it was good enough i could put auto update
-------------------------------------------------------
codes are sooooooo beautiful ! i love them !
but not open source if any one need anything or want to help me just contact me :victory:
-------------------------------------------------------
credits :
@iBotPeaches for apktool
any donation will help me keep up the project )
paypal : [email protected]
-------------------------------------------------------
current version : 1
no bugs
if you found any contact me :good:
Download :
Here
Code:
v1 release
added flashable zip
and others ....
A tool for android developing in which you will not have a bad time using. Simple to use with great features. - 10/10 Cosinus.
Awesome work with many features packed in at once, i was having bad times downloading all utilities to work on one app, but now I've finally found an AIO tool.
im the 5th comment?
Sent from my GT-I9515 using XDA-Developers mobile app