Extract backup from Android Application

It’s possible to backup Android application in order to check local data left on the device.

Backup permission

An application can prevent backup with adb. This can be done with a permission in the AndroidManifest.xml file:

android:allowBackup="true"

If this value is set to false, you can’t backup application with the following method.

Retrieve backup from device

To retrieve backup from Android device, adb is the tool.

adb -backup -apk <app package name>

# Example:
adb -apk com.dotgears.flappybird

Backup file named backup.ab is in your folder.

file backup.ab
backup.ab: Android Backup, version 5, Compressed, Not-Encrypted

Extract backup archive

Android backup file is a compressed archive, you can extract it with the following one liner:

( printf "\x1f\x8b\x08\x00\x00\x00\x00\x00" ; tail -c +25 backup.ab ) |  tar xfvz -

It’s time to analyze backup data!

More post on mobile application security are available