System Logs
Like any Linux based system, Android keeps a centralized structure of logs. Logging within the application is implemented with the Log class. There are varying levels of logs:
Log.dDebug logLog.eError logLog.iInformational logLog.vVerbose logLog.wWarning log
Ironically, there is also a wtf log which stands for “What a Terrible Failure”. You will most likely never see this. To see more information about logs on Android, run adb logcat -h with a device attached to your computer.
Viewing Logs
Obtaining the logs can be done with the logcat command!
On the device, you can simply run the following command which will dump the current logs:
logcat -d
To redirect it to a file on the device:
logcat -d -f /sdcard/logs.txt
From your computer, you simply prefix it with the adb command:
adb logcat -d
In most cases, you will want to limit the logs to the application under test. From your computer, you can pipe the logcat output to grep for further refinement.
adb logcat -d | grep -i appname
adb logcat -d | grep -i appname > filename.txt
Review the output for any sensitive data. It is common to find sensitive data in the logs!
Review Source Code
Once you have decompiled the APK file with jadx, you can search the “sources” directory for instances of the Log class:
grep -ri “Log.” sources