Android - How to Check Proguard Obfuscation Has Worked

Android - How to check Proguard obfuscation has worked?

In your project directory you will find a Proguard folder, in which you will see four text files:

dump.txt

Describes the internal structure of all the class files in the .apk file

mapping.txt

Lists the mapping between the original and obfuscated class, method, and field names. This file is important when you receive a bug report from
a release build, because it translates the obfuscated stack trace back to the
original class, method, and member names. See Decoding Obfuscated Stack Traces
for more information.

seeds.txt

Lists the classes and members that are not obfuscated

usage.txt

Lists the code that was stripped from the .apk

Source: Proguard

Hope this helps!

How can I test if ProGuard works correctly before I publish an app to Google Play?

Install and run the minified release version of your app (see here or here for info on installing AAB files) that you upload to Google Play, not the debug version.

If you're just hitting "Run" in Studio, you're installing the debug version that doesn't (by default) have Proguard or other minification run on it. If you instead use the minified release version before uploading it to Google Play, you'll get the same behavior you will after uploading: Google Play isn't running any "extra" Proguard tasks on it after you upload.

You can also use the Alpha/Beta testing tracks in Play to test the full Play experience without publishing to a wider audience or fiddling with bundletool.

How can I find out if ProGuard has been successful in obfuscating an Android APK?

Look in the proguard folder : You will see files like mapping.txt, dump.txt, usage.txt etc. Also if you look in the logcat you will see that Class names and Method names are obfuscated.

For more details go here.

Another hardcore way will be to use dex2jar and java decompiler to decompile your app and see how much you'll suceed. If obfuscation went well you'll see that it's impossible.

How can I tell if I'm using Proguard to obfuscate my code?

No, your code is not being obfuscated. You are not running proguard. minifyEnabled controls whether to run proguard, and you have it set to false, need to change that to true to turn on proguard. getDefaultProguardFile('proguard-android.txt') gets the default proguard rules from the SDK. See proguardFiles docs.

To check that your code is being obfuscated, you can look in your build/outputs/mapping/release directory. Those files should have modification times from during your build. Looking at the mapping.txt will give the obfuscation details (which names were mapped to what).

Pro-guard Obfuscation not working in android studio

To enable ProGuard in Android Studio. Below is the sample how to enable default ProGuard in Android Studio.

1) Go to the build.gradle file of app

2) enable the proguard minifyEnabled true and useProguard true

3) enable shrinkResources true to reduce the APK size by shrinking resources.

4) proguardFiles getDefaultProguardFile('proguard-android.txt') to enable the default one. If you want to use your own proguard file then use the below rules.

buildTypes {
    release {
        debuggable false
        useProguard true
        minifyEnabled true
        shrinkResources true
        proguardFiles getDefaultProguardFile('proguard-android.txt'), 'proguard-rules.pro'
    }

    debug {
        debuggable true
        useProguard true
        minifyEnabled true
        shrinkResources true
        proguardFiles getDefaultProguardFile('proguard-android.txt'), 'proguard-rules.pro'
    }
}

Android code obfuscation with ProGuard...how does one know it's been obfuscated?

Try to reverse engineer your own application. See what you can read in the code.

Use the following questions:

decompiling DEX into Java sourcecode

http://www.taranfx.com/decompile-reverse-engineer-android-apk

How to enable ProGuard obfuscation in Android Studio?

I figured out the problem:

Open up the proguard-rules.pro for your project and add this to the bottom:

-dontwarn java.nio.file.Files
-dontwarn java.nio.file.Path
-dontwarn java.nio.file.OpenOption
-dontwarn org.codehaus.mojo.animal_sniffer.IgnoreJRERequirement

Basically how I solved it was this I tried to run my app in 'release' mode and got a bunch of errors similar to this guy here: https://github.com/square/okio/issues/144

I pretty much followed what he said and fixed it.

Hope this can help others with generating their APK's!

visit more detail here :

Error:Execution failed for task ':app:packageRelease'. > Unable to compute hash of /../AndroidStudioProjects/../classes.jar

What to expect from code obfuscation (proguard, android)

As far as I know, proguard will obfuscate android projects by default when proguard is enabled for the project.

A possible stacktrace from such an appliation will look somewhat like this:

Caused by: java.lang.NullPointerException
at net.simplyadvanced.ltediscovery.be.u(Unknown Source)
at net.simplyadvanced.ltediscovery.at.v(Unknown Source)
at net.simplyadvanced.ltediscovery.at.d(Unknown Source)
at net.simplyadvanced.ltediscovery.av.onReceive(Unknown Source)

--> no information about class nor method names

So I assume, that the developer who built the apk disabled the class renaming for some reason. See also Using Proguard with Android without obfuscation

Source of the stacktrace: http://simplyadvanced.net/blog/android-how-to-decode-proguards-obfuscated-code-from-stack-trace/

---

Related Topics