Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Unable to decompile Facebook with latest APKtool compiled from source #2893

Closed
Phone-Guru opened this issue Sep 22, 2022 · 10 comments
Closed

Unable to decompile Facebook with latest APKtool compiled from source #2893

Phone-Guru opened this issue Sep 22, 2022 · 10 comments
Labels
Bug

Comments

@Phone-Guru
Copy link

Phone-Guru commented Sep 22, 2022
edited by iBotPeaches
Loading 

java version "1.8.0_341"
Java(TM) SE Runtime Environment (build 1.8.0_341-b10)
Java HotSpot(TM) 64-Bit Server VM (build 25.341-b10, mixed mode)
Exception in thread "main" brut.androlib.AndrolibException: Could not decode arsc file
	at brut.androlib.res.decoder.ARSCDecoder.decode(ARSCDecoder.java:56)
	at brut.androlib.res.AndrolibResources.getResPackagesFromApk(AndrolibResources.java:790)
	at brut.androlib.res.AndrolibResources.loadMainPkg(AndrolibResources.java:64)
	at brut.androlib.res.AndrolibResources.getResTable(AndrolibResources.java:56)
	at brut.androlib.Androlib.getResTable(Androlib.java:74)
	at brut.androlib.ApkDecoder.getResTable(ApkDecoder.java:247)
	at brut.androlib.ApkDecoder.decode(ApkDecoder.java:109)
	at brut.apktool.Main.cmdDecode(Main.java:175)
	at brut.apktool.Main.main(Main.java:79)
Caused by: java.io.IOException: Expected: 0x00000008, got: 0x0000000c
	at brut.util.ExtDataInput.skipCheckShort(ExtDataInput.java:53)
	at brut.androlib.res.decoder.ARSCDecoder.readValue(ARSCDecoder.java:387)
	at brut.androlib.res.decoder.ARSCDecoder.readEntryData(ARSCDecoder.java:312)
	at brut.androlib.res.decoder.ARSCDecoder.readTableType(ARSCDecoder.java:297)
	at brut.androlib.res.decoder.ARSCDecoder.readTableTypeSpec(ARSCDecoder.java:212)
	at brut.androlib.res.decoder.ARSCDecoder.readTablePackage(ARSCDecoder.java:133)
	at brut.androlib.res.decoder.ARSCDecoder.readTableHeader(ARSCDecoder.java:85)
	at brut.androlib.res.decoder.ARSCDecoder.decode(ARSCDecoder.java:51)
	... 8 more
@iBotPeaches
Copy link
Owner

Odd, why would think the size of the value is 12. I believe the spec is clearly 8.

https://github.com/aosp-mirror/platform_frameworks_base/blob/master/libs/androidfw/include/androidfw/ResourceTypes.h#L282

  • unit16 - size
  • unit8 - 0
  • unit8 - type
  • unit32 - data

@iBotPeaches
Copy link
Owner 

➜  2893 aapt2 dump resources 2893.apk | grep -i '7F0B001A' -B 3 -A 3
      () (id)
    resource 0x7f0b0019 id/(name removed)
      () (id)
    resource 0x7f0b001a id/(name removed)
      () (id)
    resource 0x7f0b001b id/(name removed)
      () (id)
➜  2893

Nothing odd about the resource that reports as an odd size.

@Skylled

This comment was marked as off-topic.

Sign in to view
@ChillVibesMushroom
Copy link

I haven't tried decompiling apps like Facebook kinda just trying to get adding permissions to my msfv apk down because when I do add a permission it won't show on my permissions list on install and tbh it won't even connect back to my listener any links anyone can send I figured someone here would know

@HassanMirza01

This comment was marked as off-topic.

Sign in to view
@Morsmalleo
Copy link

Morsmalleo commented Oct 31, 2022
edited
Loading

I know you can get around the Decompiling Problem with older FACEBOOK versions by editing some files for APKtool and declaring

RES_TYPE_NAME_STYLES = style 2 all the way up to style 5.

I know this because I've done this before, not sure if its an official way of doing it + im also not sure if it will work for later version of FACEBOOK but it worked for me when I tired it (this was around the time v2.5.0 released for Apktool), problem is I cant remember the name of the 2nd .java file that needs to be edited...

I know the first file to edit is called ResTypeSpec.java, I just cant remember what the 2nd .java file is called

Edit

The files I edited to get Apktool to decompile older Facebook APK's is

  • ResTypeSpec.java
  • ResValueFactory.java
    Not sure if editing these files will work for newer versions

@iBotPeaches iBotPeaches mentioned this issue Nov 21, 2022
Closed
@iBotPeaches
Copy link
Owner

Okay, doing some work here. The original issue opened is Facebook being Facebook and nothing looks like that has changed between 2.6.1 and 2.6.2.

The first comment by @Skylled was a real regression added during 2.6.2 so I've split that into #2945 as I believe resolved. So leaving this as just the Facebook item.

@iBotPeaches
Copy link
Owner 

➜  2989 apktool d 2989.apk -f
Picked up _JAVA_OPTIONS: -Dawt.useSystemAAFontSettings=on -Dswing.aatext=true
I: Using Apktool 2.8.1-c744dd-SNAPSHOT on 2989.apk
I: Loading resource table...
W: Chunk header size (16), read (12). Exceeding bytes: 0x5353544B.
I: Decoding AndroidManifest.xml with resources...
I: Loading resource table from file: /home/ibotpeaches/.local/share/apktool/framework/1.apk
I: Regular manifest package...
I: Decoding file-resources...
I: Decoding values */* XMLs...
I: Baksmaling classes.dex...
I: Copying assets and libs...
I: Copying unknown files...
I: Copying original files...
I: Copying META-INF/services directory
➜  2989

Original issue was resolved when added support for skipping remaining entries in a chunk. Which was same issue as this: #3036

So technically resolved in 2.8.0

@Phone-Guru
Copy link
Author

File decompiles but is filled with APKTOOL_DUMMYVAL entries.

@iBotPeaches
Copy link
Owner

File decompiles but is filled with APKTOOL_DUMMYVAL entries.

When the original human name is stripped. What do you expect?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Bug
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
6 participants
@iBotPeaches @Phone-Guru @Skylled @HassanMirza01 @Morsmalleo @ChillVibesMushroom