[Tutorial] How to Analyze and Fix APK Installation and Decompilation Issues

Tutorials and Guides
1

Purpose of This Tutorial

This guide provides a comprehensive approach to diagnosing and resolving issues with APKs that fail to install or encounter problems during decompilation. Tools like apksigner, apktool, and aapt2 are essential for identifying and fixing issues in APK files, such as manifest errors, signature problems, or unsupported configurations.

Why and When to Use This Tutorial

This tutorial is for developers and analysts who:

  • Encounter installation failures with errors such as INSTALL_PARSE_FAILED_MANIFEST_MALFORMED.
  • Need to debug or reverse-engineer APK files.
  • Want to verify and fix problems in the APK's structure, signature, or configuration.

Step-by-Step Guide

1. Verify the APK Signature

A valid signature is crucial for APK installation. Use apksigner to check if the APK is signed correctly:

  • Command:

    apksigner verify --verbose --print-certs your_app.apk

  • Key Information:

    • Verify the signature with schemes (v1, v2, v3, v4).
    • Ensure the certificate information matches your expectations.
    • If unsigned, sign the APK:
      apksigner sign --ks your_keystore.jks --out signed_app.apk your_app.apk

  • When to Use:

    • If installation fails with errors like INSTALL_PARSE_FAILED_NO_CERTIFICATES.

2. Decompile the APK

To analyze or modify an APK, you must decompile it. Use apktool:

  • Command:

    apktool d your_app.apk -o your_app_folder --frame-path /tmp/apktool-framework

  • Purpose:

    • Extract files, including AndroidManifest.xml and resources.
    • Identify misconfigurations or errors in the manifest.

  • Common Error:
    If you encounter:

    Can't create directory: (/home/user/.local/share/apktool/framework)

    Follow the steps in the "APKTool Framework Errors" section above to resolve it.

3. Resolve INSTALL_PARSE_FAILED_MANIFEST_MALFORMED

The error:

adb: failed to install your_app.apk: Failure [INSTALL_PARSE_FAILED_MANIFEST_MALFORMED: Failed parse during installPackageLI: /data/app/vmdlXXXXXX.tmp/base.apk (at Binary XML file line #7): intent tag may have at most one data scheme.]

indicates an issue in the AndroidManifest.xml. Specifically, it occurs when an <intent> tag contains multiple <data android:scheme> elements, which is not allowed.

  • Fix:
    1. Locate the <queries> section in AndroidManifest.xml.
    2. Find the <intent> tag with multiple <data> entries.
    3. Modify it to separate the schemes into individual <intent> tags.

Example Before Fix:

<queries>
    <intent>
        <action android:name="android.intent.action.VIEW"/>
        <data android:scheme="http"/>
        <data android:scheme="https"/>
    </intent>
</queries>

Example After Fix:

<queries>
    <intent>
        <action android:name="android.intent.action.VIEW"/>
        <data android:scheme="http"/>
    </intent>
    <intent>
        <action android:name="android.intent.action.VIEW"/>
        <data android:scheme="https"/>
    </intent>
</queries>
  • Rebuild and Sign:
    After fixing the manifest, recompile and re-sign the APK:
    apktool b your_app_folder -o recompiled_app.apk --frame-path /tmp/apktool-framework
apksigner sign --ks your_keystore.jks --out signed_recompiled_app.apk recompiled_app.apk

4. Check for ABI Compatibility

Some APKs are built for specific architectures (e.g., ARM, x86). Use unzip to verify the included native libraries:

  • Command:

    unzip -l your_app.apk | grep lib/

  • Key Points:

    • Ensure the APK includes libraries for the device's architecture.
    • If not, rebuild the APK with the required ABI support.

5. Analyze APK Metadata Using aapt2

Use aapt2 to analyze the APK's metadata and intent filters:

  • Command:

    aapt2 dump badging your_app.apk

  • Purpose:

    • Confirm the APK's package name, version, and declared permissions.
    • Validate the main activity and intent filters.

6. Install and Test the APK

After ensuring the APK is properly configured, attempt installation again:

  • Command:

    adb install your_app.apk

  • Monitor Logs:
    If the installation fails, use logcat to capture detailed error messages:

    adb logcat | grep PackageManager

Comprehensive Workflow for Diagnosing APK Issues

  1. Verify Signature:
    Ensure the APK is signed correctly using apksigner.

  2. Decompile and Analyze:
    Use apktool to decompile and inspect the AndroidManifest.xml for errors.

  3. Fix Manifest Issues:
    Resolve problems such as duplicate <data> tags in <intent> filters.

  4. Check APK Metadata:
    Use aapt2 and unzip to inspect permissions, ABIs, and other resources.

  5. Rebuild and Re-Sign:
    Modify the APK, recompile it with apktool, and re-sign it with apksigner.

  6. Install and Test:
    Use adb to install the APK and monitor logs for any remaining issues.

Conclusion

By following this guide, you can systematically diagnose and resolve issues with APK files, including installation errors like INSTALL_PARSE_FAILED_MANIFEST_MALFORMED. These steps ensure your APK is correctly configured, signed, and compatible with target devices.

2 Likes