nodejs解析androidmanifest,获取apk包相关信息
aapt2解析androidmanifest
apktool解析androidmanifest
利用第三方jar包解析:APKParser.jar,AXMLPrinter2.jar

androidmanifest.xml


关于androidmanifest.xml

官方文档

AndroidManifest.xml 是每个android程序中必须的文件。它位于整个项目的根目录,描述了package中暴露的组件(activities, services, 等等),他们各自的实现类,各种能被处理的数据和启动位置。 除了能声明程序中的Activities, ContentProviders, Services, 和Intent Receivers,还能指定permissions和instrumentation(安全控制和测试)

nodejs解析(推荐)


在之前二次开发自动化遍历时,发现appetizerio获取包相关信息比较巧妙,故单独提取出来记录一下

APKDUMP = os.path.join(os.path.dirname(__file__), 'apkdump.js')
try:
    subprocess.check_output(['node', '-v']); 
except:
    print('Node.js is not installed and some functionality might not work properly')

def get_apk_manifest(apk):
    return subprocess.check_output(['node', APKDUMP, apk]).decode('utf-8')

def get_apk_package(apk):
    manifest = get_apk_manifest(apk)
    return json.loads(manifest)['package']

apkdump.js

从上面的代码可以看出,关键是apkdump.js,可查看我的github apkdump

该文件引自appetizerio项目

apkdump.js的使用

  1. node环境安装及管理,可参考我之前的文章,这里不再赘述
  2. 命令行执行
    node apkdump.js TikTok_9.8.3.apk > apk.json 
    
  3. apk.json预览
    {
     "versionCode": 983,
     "versionName": "9.8.3",
     "installLocation": 0,
     "compileSdkVersion": 28,
     "compileSdkVersionCodename": "9",
     "package": "com.ss.android.ugc.trill",
     "platformBuildVersionCode": 983,
     "platformBuildVersionName": "9.8.3",
     "usesPermissions": [
         {
             "name": "android.permission.ACCESS_FINE_LOCATION"
         },
         {
             "name": "android.permission.ACCESS_COARSE_LOCATION"
         },
         ....
    

aapt2解析


AAPT2(Android 资源打包工具)是一种构建工具,Android Studio 和 Android Gradle 插件使用它来编译和打包应用的资源。AAPT2 会解析资源、为资源编制索引,并将资源编译为针对 Android 平台进行过优化的二进制格式。

官方文档

aapt2官方文档

环境配置

android sdk的安装可参考我之前的文章,安装完成后添加环境变量

AAPT_HOME=~/Library/Android/sdk/build-tools/30.0.0
export AAPT_HOME  
export PATH=$PATH:$AAPT_HOME

Android SDK Build Tools 版本大于26.0.2

用appt2解析androidmanifest.xml

相关命令如下,按需获取,以tiktok为例

aapt2 dump packagename TikTok_9.8.3.apk > packagename.txt
aapt2 dump badging TikTok_9.8.3.apk > badg.txt
aapt2 dump permissions TikTok_9.8.3.apk > permission.txt
aapt2 dump xmlstrings --file AndroidManifest.xml TikTok_9.8.3.apk > xmlstr.txt
aapt2 dump xmltree --file AndroidManifest.xml TikTok_9.8.3.apk > xmltree.txt

apktool解析(不推荐)


主要用于反编译apk用,直接执行命令可能碰到各种报错问题

mac配置apktool

  1. apktool下载安装官方地址
  2. 右击下载apktool并保存为apktool
  3. 下载apktool_2.4.1.jar并重命名为apktool.jar
    mv apktool_2.4.1.jar apktool.jar
    
  4. 移动下载好的apktool及apktool.jar到/usr/local/bin
    mv apktool apltool.jar /usr/local/bin
    
  5. 添加可执行权限
    cd /usr/local/bin
    chmod +x apktool apktool.jar
    
  6. 安装校验
apktool
Apktool v2.4.1 - a tool for reengineering Android apk files
with smali v2.3.4 and baksmali v2.3.4
Copyright 2014 Ryszard Wiśniewski <brut.alll@gmail.com>
Updated by Connor Tumbleson <connor.tumbleson@gmail.com>

usage: apktool
-advance,--advanced   prints advance information.
-version,--version    prints the version then exits
usage: apktool if|install-framework [options] <framework.apk>
-p,--frame-path <dir>   Stores framework files into <dir>.
-t,--tag <tag>          Tag frameworks using <tag>.
usage: apktool d[ecode] [options] <file_apk>
-f,--force              Force delete destination directory.
-o,--output <dir>       The name of folder that gets written. Default is apk.out
-p,--frame-path <dir>   Uses framework files located in <dir>.
-r,--no-res             Do not decode resources.
-s,--no-src             Do not decode sources.
-t,--frame-tag <tag>    Uses framework files tagged by <tag>.
usage: apktool b[uild] [options] <app_path>
-f,--force-all          Skip changes detection and build all files.
-o,--output <dir>       The name of apk that gets written. Default is dist/name.apk
-p,--frame-path <dir>   Uses framework files located in <dir>.

For additional info, see: http://ibotpeaches.github.io/Apktool/
For smali/baksmali info, see: https://github.com/JesusFreke/smali

windows配置

可参考apktool的安装

apktool 反编译并解析androidmanifest.xml

apktool d test.apk

查看androidamnifest.xml:

<?xml version="1.0" encoding="utf-8" standalone="no"?><manifest xmlns:android="http://schemas.android.com/apk/res/android" android:compileSdkVersion="28" android:compileSdkVersionCodename="9" android:installLocation="auto" package="com.android.dazhihui" platformBuildVersionCode="133000" platformBuildVersionName="9.23">
    <uses-permission android:name="android.permission.FOREGROUND_SERVICE"/>
    <uses-permission android:name="android.permission.RECEIVE_SMS"/>
 .....

第三方jar包命令行解析(推荐)

AXMLPrinter2.jar

 java -jar AXMLPrinter.jar <binary xml file> > test.xml

APKParser.jar

  • 基于AXMLPrinter2,但AXMLPrinter2只能直接针对解析二进制的xml文件
  • APKParser可直接解析apk,不需要单独提取出apk中的androidmanifest.xml文件
  • 项目地址:xml-apk-parser,可在download中下载到对应的jar包
java -jar APKParser.jar <apk file> > test.xml