Attaching to fast loading JNI/native code from an Android app without debugging the Dalvik code

gistfile1.txt

The original issue was that some applications (ex. packers) launch the JNI/native code too fast for a person
 to attach an IDA Pro instance to the process. The original solution was wrapping the jni code with your own
 "surrogate" application so you could load it slower.

New process is to launch the Android/Dalvik activity with the debugger flag;
# adb shell am start -D com.play.goo_w/com.android.netservice.MainActivity

Which will cause the "Waiting for debugger..." mode to start. This starts the process, allowing you to
attach IDA Pro to the process for the native code.

Next attach forward the jdwp process to a tcp socket so you can connect;
# adb jdwp
...
3292
This process returns all available jdwp processes, the last one should be your new pid you want to debug
(you could check this through top/ps)

# adb forward tcp:8700 jdwp:3292

After you've forwarded the port to the jdwp process, you can connect on your machine via jdb;
# jdb -attach localhost:8700

Drop the jdb conneciton and let the Android application run as it normal would.

The app crashes immediatley on jdb attach - by the way I see jdb.exe -connect com.sun.jdi.SocketAttach:hostname=127.0.0.1,port=8700 should be used instead of jdb attach localhost:8700

I then tried another way: run jdb attach/connect first, and then click the attach confirm button immediately when jdb prompt shows up. However this method still didn't keep the app from crashing either.

What is the stack you're seeing when it crashes?

These steps are, generally speaking, correct. Yes you will need to change some things if you're running it on a different OS. However unless you're using a specialized device and/or application, the crash you're seeing is likely something correctly failing -- which is unrelated to the jdb.