Debugging Applications Using IDA¶
This section will guide you through quickly using FIRERPA and its associated features and scripts to debug Android applications. Our demonstration environment uses Android 10 and a host system running Ubuntu 22.04, with tools such as IDA 7.5 (via Wine), ADB, jdb, and Python already installed. We recommend that your IDA version be at least 7.5 or higher, along with the latest version of the FIRERPA server.
Enable Debuggable Mode¶
Before proceeding, if your system is already in debug mode, you can skip this step. Otherwise, open the FIRERPA remote desktop and enter the command setdebuggable in the terminal. After executing the command, your device will undergo a soft reboot. Don’t worry—normal operation will resume within approximately two minutes. At this point, your device will be in debuggable mode.
Install IDA Debug Server¶
Before starting debugging, you need to upload the Android debugging server provided by IDA to your device. You can find android_server and android_server64 in the dbgsrv directory of your IDA installation folder. If the target application you’re debugging uses 32-bit native libraries, use android_server; otherwise, use android_server64. Drag and drop the required file to your device or use adb push to transfer it, then grant executable permissions:
chmod 755 android_server*
After granting executable permissions, start the android_server service. You can run this executable via ADB (requires root privileges) or through the remote desktop terminal. On newer Android versions (≥10), you must first set the IDA_LIBC_PATH environment variable:
IDA_LIBC_PATH=/apex/com.android.runtime/lib64/bionic/libc.so ./android_server64 -kk
Note
For debugging 32-bit applications, change IDA_LIBC_PATH to /apex/com.android.runtime/lib/bionic/libc.so and use the 32-bit android_server debug server.
Forward IDA Debug Server Port¶
For debugging scenarios requiring high real-time performance and responsiveness, we recommend using a USB connection. Ensure your device is connected to the current computer and ADB authorization has been completed, then execute the following command:
adb forward tcp:23946 tcp:23946
Note
Port 23946 is the default listening port for the IDA android_server. If you changed this port when starting android_server, adjust the forwarding accordingly.
Start Application Debugging¶
We’ve simplified most of the process by packaging it into a script that automates the majority of subsequent steps. Follow the prompts displayed by the script. You can find the ida.py script in the project’s tools directory. Run it using the following command:
python3 ida.py -d 192.168.0.2 -a com.android.settings
Here, the -d parameter specifies your device IP—the IP address of the device running the FIRERPA service—and the -a parameter specifies the application package name. After executing the command, you’ll be prompted to attach your IDA software to the target application process.
That’s it—you’ve completed all the steps. Return to the ida.py command line and press Enter. You may now proceed with debugging.