Extract Information from APK files with Android SDK aapt

Extract Information from APK files with Android SDK aapt

Android Jun 9, 2022

This article is for those who are interested in doing something fun or curious about what APK files are, or even if you are developing an Application Store that needs to get some info from the APK, let's research it.

Every APK is a compressed zip file with .apk extension to specify that this file is an Android application installable and even you can easily open a .apk file with compress\decompress tools (like Winrar, Unzip, 7Zip, etc.) and explore the contents. The Important part of any .apk is classes.dex, AndroidManifest.xml and resources.arsc. Let's find out about the contents of each file.

  • Classes.dex: Contains the source code of the application.
  • AndroidManifest.xml: Contains information about our application such as Package Name, Version Code, Version Name, Min Sdk Version, Compile Sdk Version, Permissions list, Launcher Activity, and more.
  • resources.arsc: Contains resources of application such as drawables, strings, themes, layouts, etc.

Android SDK has a binary named aapt in $SDK/build-tools/{version}/ the directory that helps us to extract information about .apk and this is enough for our purpose to gain information. If you wanna get the source code of the application which is 99 percent of the time obfuscated and not usable that much, but for research purposes, there are online/offline tools you can find with a little search on the web to decompile the source code or the resources.

Now as we know about Important files in .apk archive let's get the information we talked about in the AndroidManifest.xml section with aapt.

Go to the aapt directory and open terminal then enter this command:

aapt dump badging file.apk

In the printed result of the command above, we will get all information we want. there are some more options to dump with aapt such as:

strings         Print the contents of the resource table string pool in the APK.
badging         Print the label and icon for the app declared in APK.
permissions     Print the permissions from the APK.
resources       Print the resource table from the APK.
configurations  Print the configurations in the APK.
xmltree         Print the compiled xmls in the given assets.
xmlstrings      Print the strings of the given compiled xml assets.

also, we can save results into the file:

aapt dump badging file.apk | Out-File result.txt

aapt dump badging file.apk > result.txt

That's It. As now we have the results saved in a file, You can run the operation on the result to store variables of build or a list of permissions. Later we will extract and parse the AndroidManifest.xml with code to provide an API to automate the process. of course, we will not use the aapt and gonna do it manually.


Benyamin Eskandari

Curious, Experienced Android Developer Also in love with Rust, DevOps, and System Programming Trying to read a lot of books and learn a lot of things, I will write posts about my path on this journey.