How we can debug a signed apk without having source code?

Question

I want to ask if there is a possibility to debug a release apk without having source code and how we can prevent user to do this action ?

I thought that I can\'t debug a

Answer 1

You can debug an already signed APK with a number of different tools. Most approaches would be considered a form of reverse engineering. At a high level, a common approach (for dynamic "live" debugging) would be to:

1. Use APKTool to enable debugging via the property in the AndroidManifest.xml. Align and sign the newly modified APK.
2. Use ADB to push the new "debuggable" APK to the device/emulator.
3. Use a debugger such as GDB (NDK includes a gdbserver with the arm toolchain).

It's worth mentioning that static analysis can be an option too, whereby the APK could be unpacked and decompiled to SMALI/Java.

There are a number of tools available to help reverse and debug APK's. Some I use frequently are; dex2jar, JDGUI, APK Studio, JEB, IDA Pro, VisualGDB.