sky201503 / android-apktool-1

Automatically exported from code.google.com/p/android-apktool

Facebook app fails after disassemble/reassemble without any changes #382

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago
What steps will reproduce the problem?

Sorry for linked file, 10MB max upload on Google code

1. Download Facebook.apk from http://www.sendspace.com/file/tuloij

2. adb install Facebook.apk
Notice how it works fine on device (I'm testing on Galaxy Tab GT-P1010)

3. Decompile, recompile, sign Facebook.apk:
apktool d Facebook.apk
apktool b Facebook Facebook-clean.apk
jarsigner -verbose -sigalg MD5withRSA -digestalg SHA1 -keystore ./keystorename.keystore Facebook-clean.apk username

4. adb install Facebook-clean.apk

What is the expected output? What do you see instead?
Notice how icon, app name, etc. are incorrect. Launching the app is instant 
crash. I expected it to work the same, as other apps do when reassembled 
(although the Facebook app is extremely complicated compared to others I've 
tried).

What version of the product are you using? On what operating system?
Apktool v1.5.0.5a056e3 Ubuntu Linux 64bit

Please provide any additional information below.
This app was uploaded off of a Nexus One that came preloaded with it. Am I 
doing something wrong? I didn't get any errors during disassemble/reassemble 
from APKtool. One interesting thing, the app is 13.1MB before 
disassemble/reassemble, and 11.0MB after. Strange...

Original issue reported on code.google.com by jsei...@apperian.com on 2 Jan 2013 at 9:56

GoogleCodeExporter commented 9 years ago
The size difference is the change in compressed resources.arsc and a variety of 
other things.

I'll look into it though. btw v1.5.1 is out :)

Original comment by connor.tumbleson on 2 Jan 2013 at 10:21

GoogleCodeExporter commented 9 years ago
[deleted comment]

GoogleCodeExporter commented 9 years ago
I updated to 1.5.1, still not working, thanks for your time and helping me out.

Original comment by jsei...@apperian.com on 3 Jan 2013 at 3:41

GoogleCodeExporter commented 9 years ago
Maybe the issue has to do with disassembling factory-installed applications.

Original comment by jsei...@apperian.com on 9 Jan 2013 at 8:53

GoogleCodeExporter commented 9 years ago
Change the compression level of resources.arsc to 0 and see.
And get a logcat of the crash.

Original comment by varun.ch...@gmail.com on 12 Jan 2013 at 5:41

GoogleCodeExporter commented 9 years ago
I've attached a test version of v1.5.2. Let me know if this works. I couldn't 
get Facebook to crash, simply doing decompile -> recompile -> inject 
resources.arsc / classes.dex back into original apk, along with entire /res 
folder.

No FC.

Original comment by connor.tumbleson on 15 Jan 2013 at 12:45

GoogleCodeExporter commented 9 years ago
Does this new 1.5.2 solve issue #391?

Original comment by hue...@gmail.com on 17 Jan 2013 at 12:19

GoogleCodeExporter commented 9 years ago
Sorry, was planning on doing this and then forgot. Question- why do you need to 
do something other than apktool d / apktool b / resign? What does inject 
resources, classes.dex, and copy entire /res folder? Shouldn't the tool do this 
automatically?

Thanks

Original comment by jsei...@apperian.com on 18 Jan 2013 at 7:54

GoogleCodeExporter commented 9 years ago
It means inject / insert those items into the original apk. Not the one Apktool 
built. As Apktool builds it without a signature.

http://code.google.com/p/android-apktool/issues/detail?id=8&colspec=ID%20Stars%20Type%20Status%20Priority%20Milestone%20Owner%20Summary%20Modified

Watch that bug if you can't inject resources. It'll probably be months though 
before I add that feature.

Original comment by connor.tumbleson on 18 Jan 2013 at 8:01

GoogleCodeExporter commented 9 years ago
Ahhh so merely signing a system app after it is recompiled doesn't work, 
because system apps need to be signed by the system cert?

Original comment by jsei...@apperian.com on 18 Jan 2013 at 8:08

GoogleCodeExporter commented 9 years ago
Or whatever cert (production, release, build) key that was used on that APK. 
Which is why injecting prevents most of the FC errors due to invalid signatures.

Original comment by connor.tumbleson on 18 Jan 2013 at 8:10

GoogleCodeExporter commented 9 years ago
Ok, so there is no point in modifying anything in a factory app, because 
classes.dex would then be modified, and I will not be able to re-sign with the 
original cert, right? Therefore, it is impossible to modify factory apps 
without access to the manufacturer's cert.

Original comment by jsei...@apperian.com on 18 Jan 2013 at 8:13

GoogleCodeExporter commented 9 years ago
That's why you inject :)

You then can modify anything (w/ the exception of AndroidManifest.xml as the 
cert is hashed off that). Then you can inject classes.dex or resources.arsc and 
it'll work without problem.

Note the command I use below (7zip)

7za u -mx0 -tzip -r Test.apk classes.dex

u = update
-mx0 = store (no compression)
-tzip = type zip

Original comment by connor.tumbleson on 18 Jan 2013 at 8:17

GoogleCodeExporter commented 9 years ago
I think I am missing something here.

As far as I understand, classes.dex becomes the smali folder in a disassembled 
app. Are you saying that you can disassemble the app, reassemble it, then 
extract the classes.dex, then use the 7zip command to inject it into the 
original, overwriting the old classes.dex?

Original comment by jsei...@apperian.com on 18 Jan 2013 at 8:36

GoogleCodeExporter commented 9 years ago
You don't have to re-extract, but yes, you're correct.

After `apktool b` there are 2 folders (dist and build).

Go to build/apk and there is the compiled (but not built into an apk) stuff. 
So there is your classes.dex, etc. You can take those and inject them into the 
original.

Original comment by connor.tumbleson on 18 Jan 2013 at 8:40
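
An added example, not part of the original thread or of Apktool: with JAR (v1) APK signing, `META-INF/MANIFEST.MF` records a digest for each archive entry, so the check below reports whether `classes.dex` or `resources.arsc` in an APK still matches what was recorded at signing time. The sample archives are constructed in memory, `check_apk` and `build_sample` are hypothetical names, and only digests are compared (the `.SF`/`.RSA` signature itself is not validated).

```python
import base64, hashlib, io, zipfile

ALGOS = {"SHA-256-Digest": "sha256", "SHA1-Digest": "sha1", "SHA-1-Digest": "sha1"}

def parse_manifest(text):
    """Return {entry name: {attribute: value}} from MANIFEST.MF text."""
    # Normalise line endings, then unfold continuation lines (newline + space).
    text = text.replace("\r\n", "\n").replace("\n ", "")
    entries = {}
    for section in text.split("\n\n")[1:]:  # section 0 is the main header
        attrs = dict(l.split(": ", 1) for l in section.split("\n") if ": " in l)
        if "Name" in attrs:
            entries[attrs.pop("Name")] = attrs
    return entries

def check_apk(data):
    """Map each entry outside META-INF to ok / mismatch / unlisted / missing."""
    with zipfile.ZipFile(io.BytesIO(data)) as apk:
        recorded = parse_manifest(apk.read("META-INF/MANIFEST.MF").decode("utf-8"))
        present = [n for n in apk.namelist()
                   if not n.startswith("META-INF/") and not n.endswith("/")]
        results = {n: "missing" for n in recorded if n not in present}
        for name in present:
            attrs = recorded.get(name, {})
            key = next((k for k in ALGOS if k in attrs), None)
            if key is None:
                results[name] = "unlisted"  # no digest was recorded at signing time
                continue
            actual = hashlib.new(ALGOS[key], apk.read(name)).digest()
            matches = base64.b64encode(actual).decode() == attrs[key]
            results[name] = "ok" if matches else "mismatch"
    return results

def build_sample(files, signed_files=None):
    """Constructed sample: digests come from signed_files, contents from files."""
    manifest = "Manifest-Version: 1.0\r\n\r\n"
    for name, body in (signed_files or files).items():
        digest = base64.b64encode(hashlib.sha1(body).digest()).decode()
        manifest += f"Name: {name}\r\nSHA1-Digest: {digest}\r\n\r\n"
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_STORED) as archive:
        archive.writestr("META-INF/MANIFEST.MF", manifest)
        for name, body in files.items():
            archive.writestr(name, body)
    return buf.getvalue()

if __name__ == "__main__":
    signed = {"classes.dex": b"constructed dex bytes", "resources.arsc": b"constructed arsc"}
    print(check_apk(build_sample({**signed, "classes.dex": b"different dex bytes"}, signed)))
```

For a full signature check on a real APK, use `jarsigner -verify` or `apksigner verify`.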

GoogleCodeExporter commented 9 years ago
Do we have to re-sign if we inject it into the original?

Original comment by niranjan...@gmail.com on 8 Jul 2013 at 10:21

GoogleCodeExporter commented 9 years ago
Issue 551 has been merged into this issue.

Original comment by connor.tumbleson on 22 Nov 2013 at 9:19

GoogleCodeExporter commented 9 years ago
Hmm. Seems we have some protection from Facebook. See comment #4 - 
http://code.google.com/p/android-apktool/issues/detail?id=551

Original comment by connor.tumbleson on 26 Mar 2014 at 11:49