As a part of a research project, I'm doing method profiling work on a bunch of Android applications identified as having malicious code in them. To automate the process, I've made a batch file and a Java executable to decode, add the android:debuggable flag, rebuild, sign, and install the application to a test device. The next step would be launching the application.

Is there a way to do this from adb without knowing the intent, package, or activity of the application in question? I'm aware of the adb shell's 'am start' command, but this requires the package and the activity to start at the least, if I recall correctly.

Is there a way to start the application without this information? Or failing that, another method to get the package and activity and then use that in my batch file?

Mike

1 Answer

It would be much easier to run those on a device where adb runs as root (or the emulator), then you can attach without having to modify. If you are parsing the APKs, you might as well parse the manifest and build a list of packages, intents, etc. And of course, there is no 'launching the application' in Android -- you may start an activity or service, not necessarily the main/root activity. Especially for (suspected) malware, which may well be trying to hide its main activity behind a benign entry one.

Nikolay Elenkov
  • Essentially, I should just look through the rest of the manifest for the packages and intents and things? Also, yes, I was not exactly precise in my wording of the question, using "launch application" instead of activity, I apologize. – Mike Jun 03 '13 at 08:53
  • No need to apologize, the point is that there is usually more than one entry point. The malicious behaviour might be triggered by, say, an incoming SMS or GCM notification. You need to check at least all the registered components. And of course behaviour might be different based on intent data and/or extras... – Nikolay Elenkov Jun 03 '13 at 08:58
  • My instructions for the task were somewhat more limited than that, but I'll be sure to bring up those concerns at my next research meeting. In the meantime, I'll parse through the rest of the manifest for the package and activity. – Mike Jun 03 '13 at 09:11
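
Added example, not part of the original posts: one way to do the manifest parsing suggested in the answer, assuming the APK has already been decoded so that AndroidManifest.xml is plain text. It lists every registered component with its intent-filter actions and builds an `am start -n` line for each MAIN/LAUNCHER activity; the function names and the sample manifest are made up for illustration.

```python
import xml.etree.ElementTree as ET

ANDROID_NS = "{http://schemas.android.com/apk/res/android}"
KINDS = ("activity", "activity-alias", "service", "receiver", "provider")

# Constructed sample: a decoded (text) AndroidManifest.xml, not from a real app.
SAMPLE_MANIFEST = """<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.sample"><application>
  <activity android:name=".Main"><intent-filter>
    <action android:name="android.intent.action.MAIN"/>
    <category android:name="android.intent.category.LAUNCHER"/>
  </intent-filter></activity>
  <receiver android:name="SmsReceiver"><intent-filter>
    <action android:name="android.provider.Telephony.SMS_RECEIVED"/>
  </intent-filter></receiver>
  <service android:name="com.example.sample.svc.Worker"/>
</application></manifest>"""

def qualify(package, name):
    """Expand '.Main' or 'Main' to a fully qualified class name."""
    if name.startswith("."):
        return package + name
    return name if "." in name else package + "." + name

def entry_points(manifest_xml):
    """Return (package, components); each component lists its filter actions."""
    root = ET.fromstring(manifest_xml)
    package = root.get("package")
    components = []
    for kind in KINDS:
        for node in root.iter(kind):
            name = qualify(package, node.get(ANDROID_NS + "name"))
            actions = [a.get(ANDROID_NS + "name") for a in node.iter("action")]
            cats = [c.get(ANDROID_NS + "name") for c in node.iter("category")]
            components.append({"kind": kind, "name": name,
                               "actions": actions, "categories": cats})
    return package, components

def launcher_commands(manifest_xml):
    """Build 'adb shell am start' lines for every MAIN/LAUNCHER activity."""
    package, components = entry_points(manifest_xml)
    return ["adb shell am start -n %s/%s" % (package, c["name"])
            for c in components
            if c["kind"] in ("activity", "activity-alias")
            and "android.intent.action.MAIN" in c["actions"]
            and "android.intent.category.LAUNCHER" in c["categories"]]

if __name__ == "__main__":
    print(launcher_commands(SAMPLE_MANIFEST))
    for c in entry_points(SAMPLE_MANIFEST)[1]:
        print(c["kind"], c["name"], c["actions"])
```

The component list is the part to keep for profiling: receivers and services with filters such as the SMS one in the sample are entry points that a launcher-only run never exercises.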