De-obfuscate stack traces!!?
Enabling Proguard for android In this article I had told How to obfuscate the code. If you don’t know How obfuscate the code, not data be clear? Proguard is obfuscating the code.
A good engineer thinks in reverse and asks himself about the stylistic consequences of the components and systems he proposes. — — Helmut Jahn
When we obfuscate the code the class names and method names are converted into some random obfuscated names such as a,b,c, etc. The problem is encounter when some exception raised or application is crashed How to decode that stack trace that is the big question developer having.
Exception, errors and Bugs are fact of developers life. So many developers requested and asked me How to de-obfuscate the stack trace? I answered couple of developers but any email you’ve written twice should be a blog post.
where there is a will there is a way.
Once proguard shrinks your code, reading obfuscated stack trace is difficult because filed, method and class names are obfuscated. Fortunately to help developers Proguard provide you mapping file. Every time you run and obfuscate the code, proguard is generating a mapping.txt file.
ProGuard outputs the following files:
dump.txt:- Describes the internal structure of all the class files in the APK.
mapping.txt:- Provides a translation between the original and obfuscated class, method, and field names.
seeds.txt:- Lists the classes and members that were not obfuscated.
usage.txt:- Lists the code that was removed from the APK.
These files are saved at <module-name>/build/outputs/mapping/release/
Mapping.txt file ? :
Mapping file is just simple text file which contains original field, method, and class names mapped to the obfuscated names. You will locate this file at below path app <modulename>/build/outputs/mapping/release/mapping.txt directory.
Note :– Each time you run to create a release build with ProGuard mapping.txt file is overwritten. So retain the mapping.txt file for every version, better keep the mapping.txt file along with the code.
Command to de-obfuscation
retrace.bat|retrace.sh [-verbose] mapping.txt [<stacktrace_file>]
for e.g
retrace.bat -verbose mapping.txt obfuscated_stack_trace.txt
Sample mapping.txt file
com.apothesource.hidingpasswords.HidingUtil -> com.apothesource.hidingpasswords.a: java.lang.String hide(java.lang.String) -> a java.lang.String unhide(java.lang.String) -> b void doHiding(byte[],byte[],boolean) -> acom.apothesource.hidingpasswords.MainActivity -> com.apothesource.hidingpasswords.MainActivity: byte[] mySlightlyCleverHidingKey -> a java.lang.String[] myCompositeKey -> b void onCreate(android.os.Bundle) -> onCreate boolean onCreateOptionsMenu(android.view.Menu) -> onCreateOptionsMenu boolean onOptionsItemSelected(android.view.MenuItem) -> onOptionsItemSelected
How to use it in Production?
In every developer everything is working perfectly on local but not on production.
While uploading APK file on play store you can upload the mapping.txt file.
Important Not from Google:- Once you’ve uploaded a mapping file for a version of your app, only future crashes for that version of your app will be deobfuscated. Crashes for a version of your app that happen before you’ve uploaded its respective mapping file won’t be deobfuscated.
- Sign in to your Play Console.
- Select your app.
- From the left menu, click Android vitals > Deobfuscation files.
- Next, to a version of your app, click Upload to upload mapping.txt file.
- Upload the ProGuard mapping.txt file for the version of your app.
Once everything works fine then go and Select a crash & ANR and On the ‘Stack Traces’ tab, you’ll see your deobfuscated stack traces.
You can achieve the same thing with the help of developer API as well, details are here.
Reference links:-
https://developer.android.com/studio/build/shrink-code
https://www.guardsquare.com/en/proguard/manual/retrace
Let me know your way to de-obfuscate the stack trace.