Hi,
I'm trying to understand the limitations of applying changes to currently installed firmware in my X10.
From what I understand its possible to apply themes, but i'm more interested on changing system apps (adding values/locales, changing .dex files) and resigning them afterwards with my own key.
The problem is I get signature failures, as the bootloader? rejects packages with different key.
Is there a way I can rip off the system key & password from the firmware? and sign my applications with the correct signature?
Or is there a way to cause the system to accept my signature?
Thanks
Related
Hello,
I'm trying to hack an apk.
My first step was to use apk multi tool, and to just decompile and recompile it.
This is what i've done:
decompiling
recompiling (without any mod)
signing
No error appears during those steps.
But this new apk won't install on my phone !
If I check difference between the two apk:
all xml files are differents
.RSA and .SF have not the same name
classes.dex, resources.arsc and manifest.mf are differents
I don't understand those difference. can somebody help me to understand that and how to recomile a proper version ?
PS: This app is a french app that shows speed cameras on the road. However this app is now only showing a big zone and not the exact location for france. But it stills show precise location for other countries, so obfuscation is done at the apk level, and I already found where it is in the code, so i'd like to bypass it and recompile a "special' version
Thanx
Just a few quick questions. Is you phone set to install from sources than Droid market? You do know the newly compiled and signed project will be located in the "place_package _here_ for_Modding" folder and is named "Signed(yourappnamehere).apk?
Sent from my SAMSUNG-SGH-I727 using xda premium
Hi,
yes, i took the newly compiled apk in this directory, and yes my phone is set accept unknown sources.
When i install the apk, i first have the
- liste of phones serviesc that will be used
- then the install progress bar
- then the message "application not installed"
I guess there is some kind of protection in the sources...
I also noticed that the two apk - original, and resigned one - don't have same size.
The only difference is actually in the META-INF directory : the .RSA and the .SF files.
In the original application they are:
- IFOX_.RSA
- IFOX_.SF
But when recompiling, those files are:
- CERT.RSA
- CERT.SF
I'm shure the problem comes from here, but i'm too noob to analyse that...
So my proble can be sum-up by:
Why the recompilation doesn not give me the same RSA and SF file ??
Beware there are some modifications that you cant do on decs, expecially the packagename.
also beware to disable the "non-market" tag on the phone.
Yes, but for the moment i didn't make any modification:
Just decompiling, recompiling and resigning.
Maybe you want to tell that the apk name must stay the same ? (sorry my english is not perfect )
GOT IT WORKED !!!
You must first uninstall the previous application !
I was trying to install my new one over the old one, but the signatures are not the same !!!
Thanx everybody, and hope this will help somebody !
APK edit error 103
Ok im having a similar issue.
I know the file size is mismatched but ive never had this issue
as a test i only modded 1 thing but 4 files
changed a link in an html / changed an image and its name and the html included the link to the new name
when this failed i changed the manifest and the .sf to match the change i made with name but not the sha :"no clue here"
Tried...
APK multi tool ... and 7zip to make the mods
Tried... Bothsigned and unsigned.
Tried copying the sig from old apk to new with names corrected "notsha" fail still
Tried....
Origional APK installs no issue
Uninstall orig apk rebooted
Allow out side apps yes and no.both
using file manager explorer and root browser and es file manager
Copying directly to /system/app fail
copying to data/data/app/copy fail " yes it wont even copy to there"
Tried.. Multiple phones
I then tried a hex editor on the apk. And after changes install still fail.
I modded several other apk's even my framework but this is the first app that ha given me so many issues
This is an app to help elderly users access internet and the devs are AWOL and the project abandoned
Code:
https drive google com/folderview?id=0B5PggxVy7c8meDhrcjNJOGs5cFk&usp=sharing
Code:
www eldy eu/en/software/eldy-tablet/
"edited for posting "
The goal here is to make it more U.S. friendly its English base is geared to English UK and this does not help my family as we are in the U.S.
All i can get from logcat is error 103
Logcat shows package it.vegans.eldy has no certificate at entry AndroidManifest.xml ignoring
Knstallation error code 103
I tried apk multitool certify thing
i tried copying the certs from old to new apk
i tried modding the cert to correct names
So maybe im mentally challenged but i just cant figure this one out
---
Edit .
I attached a zip with original and modified apk's
All i want to do is simple html edits xml link edits and img changes since mostly the app is a series of pages.
The cookers of roms are by default including bunch of applications to ROM which i dont want to have and each time flash new version i need to manually remove them (like all google applications which takes quite a while and i am quite successfull at missing some). The rom is a zip file so i could make a program to kick apks out of rom automatically and repack it which isnt much of work to do but i am worried if such rom would still work. There is also a second problem, the digital signature which from expirience produces the yellow warning triangle at boot, i dont have problem with creating my own public/private keys and signing the rom but again i have no clue where the signature should be and where to register a private key (or maybe the samsung one is known?).
Is there some document on this topic or someone is prepared to help me out?
takes 20-30 seconds to open titanium and do a batch uninstall of the apps you dont need
Hmm... i dont use it but i will try, although i would still rather do a batch remove of all unwanted applications on my own before they even get installed. And adding a new application to install first also wouldnt be a bad idea (LBE privacy guard)
You can just extract the rom zip and from that delete the apks you dont want from the System --> App folders or Data --> App folders if there is anything in there. You could also use this 'opportunity' to choose which Kernel and Modem etc you wanted if you plan on changing / flashing different ones later. Re-zip and flash!
I will say this though, in the past i've done this and for some reason certain apps that I left in the zipped rom didn't install, no biggy though
Ok, this was the answer i was searching for. One more thing, what to do with digital signature?
Custom rom .
Open with Win Rar do not extract.
Open System Open Apps
Delete whatever you dont want and is safe to do so .
Close Win Rar and flash rom .
jje
Hmm, i am just playing with one thought, if the android is tied to apk extension for installing, the changing of zip header (actually from historical reasons it is footer ) to rename the apk to ap_ for unwanted application would acctually kill it from installing without ever unpacking it... and the code is actually even more trivial, search and replace...
I am trying to modify AndroidManifest.xml of settings.apk
But as we all know, if we modify that AndroidManifest.xml, we have to sign the apk so when I modify the AndroidManifest.xml and sign the settings.apk and push it then it doesnt get installed and I get a error in logcat saying there is a mismatch in signatures of the apk and system uid.
Then I tried restoring stock signatures but it still doesnt get installed and in log it says the apk has no signatures because I modified AndroidManifest.xml.
Do anyone have solution for this to sign system apps properly or any other workaround?
I came to know that every system apk and framework apk must be batch signed incase of editing the manifest xml.
I don't think that every apk needs to be re-signed. I've never done this, but my thought was that any apk that has an AndroidManifest.xml with the same original modified dates (you can check the dates with 7-zip) need to re-signed together. Won't it mess up some other apks that don't need to be re-signed if you were to re-sign everything? Please let me know if I am way off..
Also, note that there are other ways to invert the colors in apks besides editing the AndroidManifest... (i.e. edit the /values/styles.xml, /layout/*.xml, etc... can be a pain, but it works) - Sorry, but I guess I am assuming that that's what you are going after by editing the AndroidManifest in the Settings.apk... again, anyone feel free to correct me if I'm wrong on anything here - I am all for learning and sharing!
^^No I dont want to theme it or colorize it
I am adding new functionality for which some new permissions and activity declaration is needed in Manifest file
But if I modify Manifest and use stock signature files it doesnt install and if I resign it then it say signature mismatch with system uid.
Bump!!
I have edited the AndroidManifest.xml in the Settings.apk (for theme color change), and I did not re-sign it after compiling, I retained the originals.
And, it worked fine when I put it on my phone alone (with a flashable zip package), BUT (this is a big but), - it did not get installed when I put it in a ROM package together with all the system files. That's when the signatures become an issue... you need to then re-sign all, or nearly all apps and framework.
At least that's my experience...
Check out this thread.. http://forum.xda-developers.com/showpost.php?p=28475720&postcount=63
Sent from my phone's mind
Oh then I have to sign all system apks
Any other way?
Do you know how to sign with system key which will match system uid?
Only for AOSP ROMs you can resign and apks work. Samsung use closed source.....how could you ever match signatures? Also don't change the Manifest. Leave it. Who says you have to change it?
Note that its via the public.xml that you need to add these listings as to what the apk is now doing. No the manifest. Is it going to market? No so don't change manifest simple. If it is then it shouldn't really be a system app. Also you can disable signature checking within your ROM if that is all you are worried about. I have signed apks from the market that I have themed and then installed them to system and they work fine. Its the apks you use that have dependencies that WON'T work. I.e. apks like Samsung TWiz apks that listen for the system vold boot complete proprietary to Samsung or say an ASOP apk that is trying to chime into something that is framework related in a non-asop ROM.....this then becomes a permissions issue
---------- Post added at 05:09 AM ---------- Previous post was at 05:05 AM ----------
PS: I have edited androidmanifest anyway and apks still work fine.... upgraded the SNS apk to ensure it was fit for use above and beyond SDK 10
varun.chitre15 said:
I am trying to modify AndroidManifest.xml of settings.apk
But as we all know, if we modify that AndroidManifest.xml, we have to sign the apk so when I modify the AndroidManifest.xml and sign the settings.apk and push it then it doesnt get installed and I get a error in logcat saying there is a mismatch in signatures of the apk and system uid.
Then I tried restoring stock signatures but it still doesnt get installed and in log it says the apk has no signatures because I modified AndroidManifest.xml.
Do anyone have solution for this to sign system apps properly or any other workaround?
Click to expand...
Click to collapse
Did you figure out in the end? Still stuck with same problem as you
I was playing around with my Z2 I have flashed Lollipop using Flashtool (All Official).
I found two interesting apk's that can be installed over the existing ones as an update (Which have a permission to write to system files I guess).
I tried to decompile them but no luck. What I had in my plan is to inject some code in the apk that will let it give permission to other application that we specify in the Manifest.xml (It is a long shot)
I will attach the apk's
/system/app/PremiumSmsUpdate
/system/priv-app/UpdateCenter
Both can be installed over and over with no failed installation.
Can anyone tell me if it is possible to inject one of the two apks with something to root?
Thanks
Safar
Just a simple yes or no from a developer would do it
No because SELinux will pick it up and kill it
In the interest of learning the ins and outs of Android firmware modding I wanted to start small with changing icons, perhaps making basic theme changes, adding new buttons/actions etc. To what degree can changes be made to the currently installed ROM before an entire reflash is required? Can such changes be made simply through the file system using a shell by replacing binaries, etc? Or, is it necessary always to download a particular Android version from Google and recompile/reflash to your device after implementing the desired changes?
Perhaps this is too general of a question.
sherrellbc said:
To what degree can changes be made to the currently installed ROM before an entire reflash is required? Can such changes be made simply through the file system using a shell by replacing binaries, etc?
Click to expand...
Click to collapse
As long as you don't make a mistake that causes your device to no longer boot, a full reflash is never required if you just modify single files. Make sure you know how to recover from a non-booting Android system before you start modding.