The problem
I'm trying to edit the AndroidManifest.xml of an app that I downloaded off of the Play Store to enable debugging.
I can consistently make changes to the app's smali files, recompile the APK, align it, sign it and install it back on my phone without any issues. However, I can't make any changes to the AndroidManifest.xml.
When I add application:debuggable="true" to the AndroidManifest.xml, the phone throws INSTALL_PARSE_FAILED_UNEXPECTED_EXCEPTION after trying to install (on real hardware).
The author of apktool thinks this is a bug within jarsigner, not apktool. (see https://github.com/iBotPeaches/Apktool/issues/2374)
Commands:
Decompiled with:
apktool d src/base.apk -f --force-manifest -r -o src/decoded
Compiled with:
apktool b --force-all -o src/output/base-unaligned.apk src/decoded
zipalign -f 4 src/output/base-unaligned.apk src/output/modified-base.apk
jarsigner -sigalg SHA256withRSA -digestalg SHA1 -keystore ~/.android/debug.keystore -storepass android src/output/base-unaligned.apk androiddebugkey
Installed with:
adb install src/output/modified-base.apk
Note: It decompiles/compiles successfully. The errors only appear when it tries to install the APK.
Tried messing around with the algorithms that jarsigner uses because some of them produce warnings about being insecure. I don't think this really matters.
Tried cloning apktool and using the upstream version.
Tried many variations of these build commands.
My hypothesis:
Normally, when an APK is decompiled with apktool the AndroidManifest.xml is not actually an XML file. Instead, it's in a binary format called AXML.
In order to get apktool to decompile AndroidManifest.xml from AXML back into normal XML, it is necessary to decompile the apk using the apktool option --force-manifest. I think that the problem is that the AndroidManifest.xml is not converted back to AXML when the APK is compiled again. I have verified this by unzipping the resulting APK and checking.
I would try converting it to AXML myself to see if that fixes it, but converting XML to AXML is not an easy task. It might be possible to do this with aapt or aapt2, but these are not exactly the world's most user-friendly programs. There's also a project out there called axml2xml but I haven't been able to get it working.
Questions
Is there an easier way to enable debugging on an app in a reverse engineering context?
Can my hypothesis be confirmed or busted?
What is the cause of this problem and how do I debug it or fix it?
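The AXML-versus-text hypothesis above can be checked from the first bytes of AndroidManifest.xml inside the rebuilt APK: a compiled manifest begins with a chunk header of type 0x0003 and header size 8, while a text manifest begins with `<`. The Python below is an added example, not part of the original post; the function names and the two in-memory sample archives are constructed for illustration.

```python
import io
import struct
import zipfile

RES_XML_TYPE = 0x0003    # chunk type of a compiled XML document (Android ResourceTypes.h)
RES_XML_HEADER_SIZE = 8  # ResChunk_header: uint16 type, uint16 headerSize, uint32 size


def classify_manifest(data: bytes) -> str:
    """Classify raw AndroidManifest.xml bytes as 'axml', 'text-xml' or 'unknown'."""
    if len(data) >= RES_XML_HEADER_SIZE:
        chunk_type, header_size, _size = struct.unpack_from("<HHI", data, 0)
        if chunk_type == RES_XML_TYPE and header_size == RES_XML_HEADER_SIZE:
            return "axml"
    # Plain XML: optional UTF-8 BOM and whitespace, then '<'.
    if data.lstrip(b"\xef\xbb\xbf \t\r\n").startswith(b"<"):
        return "text-xml"
    return "unknown"


def manifest_format_in_apk(apk) -> str:
    """apk is a path or a binary file object; returns the manifest's format."""
    with zipfile.ZipFile(apk) as zf:
        try:
            data = zf.read("AndroidManifest.xml")
        except KeyError:
            return "missing"
    return classify_manifest(data)


def _constructed_apk(manifest: bytes) -> io.BytesIO:
    """Build an in-memory ZIP holding only a manifest (constructed sample, not a real APK)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("AndroidManifest.xml", manifest)
    buf.seek(0)
    return buf


# Constructed samples: a header-only AXML stub and a plain-text manifest.
AXML_STUB = struct.pack("<HHI", RES_XML_TYPE, RES_XML_HEADER_SIZE, 8)
TEXT_MANIFEST = (b'<?xml version="1.0" encoding="utf-8"?>\n'
                 b'<manifest package="com.example.constructed"/>\n')

if __name__ == "__main__":
    print(manifest_format_in_apk(_constructed_apk(AXML_STUB)))
    print(manifest_format_in_apk(_constructed_apk(TEXT_MANIFEST)))
```

Passing a real path such as src/output/modified-base.apk to `manifest_format_in_apk` reports which form the rebuilt manifest is in.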