1

I'm trying to work out methods for black box testing APKs with tools such as APKTOOL, Smali, and IDEs such as Eclipse and NetBeans. I have most of what I need - I can decompile/debug instrument/recompile/sign/align and run on a device.

The problem I am having is setting breakpoints once a debugger is attached (breakpoints are set in Smali code). It appears the breakpoints are not submitted to Dalvik or Dalvik is not honoring the breakpoints. Either way, the debugger is not snapping when the program encounters a breakpoint. Some research shows I might need Debug.waitForDebugger. (http://stackoverflow.com/questions/3107587/android-with-jdb-confusion-using-waitfordebugger).

Assuming waitForDebugger is the next hurdle, I can insert it using Smali syntax with invoke-static {}, Landroid/os/Debug;->waitForDebugger()V after adjusting the local stack.

My question is, where do I insert the call to waitForDebugger? Should I chose the MainActivity (from the manifest) in the static constructor (clinit), instance constructor (init), onCreate, or elsewhere? How does IDEs such as Eclipse, NetBeans, etc do this in their debug builds?

jww
  • 97,681
  • 90
  • 411
  • 885
  • 1
    You might try jdb. I just quickly tried it and was able to get it to break, etc. on an Android application. Although it doesn't seem to provide low level "break at this instruction" (only line) or "show this register" (only named locals) commands. Alternately, you can try something like https://github.com/swdunlop/AndBug – JesusFreke Aug 28 '12 at 19:34

1 Answers1

1

The short answer for the above question is to put it in MainActivity.onCreate.

The long answer supplied by Dima on a APKTOOL bug report states that Debug.waitForDebugger is unreliable, and we should spin waiting for a debugger to attach:

boolean debuggerAttached = false;
while(!debuggerAttached ) { ; }

Reference his answer in this bug report: NetBeans/Smali Debugging is Broken (SmaliDebugging Page).

jww
  • 97,681
  • 90
  • 411
  • 885