今天尝试用apktool(2.4.1版本)批量反编译了一批恶意apk,然而其中有10%的APK会报错,详情如下:
I: Using Apktool 2.4.1 on 025A.apk
I: Loading resource table...
I: Decoding AndroidManifest.xml with resources...
I: Loading resource table from file: C:\Users\potter\AppData\Local\apktool\framework\1.apk
Exception in thread "main" java.lang.NullPointerException
at java.io.Writer.write(Writer.java:157)
at org.xmlpull.renamed.MXSerializer.attribute(MXSerializer.java:631)
at org.xmlpull.v1.wrapper.classic.XmlSerializerDelegate.attribute(XmlSerializerDelegate.java:106)
at org.xmlpull.v1.wrapper.classic.StaticXmlSerializerWrapper.writeStartTag(StaticXmlSerializerWrapper.java:267)
at org.xmlpull.v1.wrapper.classic.StaticXmlSerializerWrapper.event(StaticXmlSerializerWrapper.java:211)
at brut.androlib.res.decoder.XmlPullStreamDecoder$1.event(XmlPullStreamDecoder.java:84)
at brut.androlib.res.decoder.XmlPullStreamDecoder.decode(XmlPullStreamDecoder.java:142)
at brut.androlib.res.decoder.XmlPullStreamDecoder.decodeManifest(XmlPullStreamDecoder.java:154)
at brut.androlib.res.decoder.ResFileDecoder.decodeManifest(ResFileDecoder.java:162)
at brut.androlib.res.AndrolibResources.decodeManifestWithResources(AndrolibResources.java:204)
at brut.androlib.Androlib.decodeManifestWithResources(Androlib.java:134)
at brut.androlib.ApkDecoder.decode(ApkDecoder.java:122)
at brut.apktool.Main.cmdDecode(Main.java:170)
at brut.apktool.Main.main(Main.java:76)
但奇怪的是,我用aapt命令:aapt dump badging 025A.apk
却可以拿到包名。
解决方案
这个Bug可能是Apktool 2.4.1版本导致的。在官方Issue中,有人提到用2.4.0可以解决此问题,经实验确实如此,大家只需要把apktool降级即可。原文在此:https://github.com/iBotPeaches/Apktool/issues/2300#issuecomment-612674987
附:Apktool全版本下载地址 https://ibotpeaches.github.io/Apktool/
网友评论