Android ADB Backup, Extract, Restore

The Android backup file created using the ADB command is a compressed tar file. Compression is done using the zlib compression library and the DEFLATE compression algorithm. If a password is entered during the backup process, the file is encrypted, else it is only compressed. In this article, we will learn how to perform ADB backups, extract ADB backups and restore or repack ADB backups.

Enable Android ADB Backup

The Android backup feature using adb backup is only available from Android 4.0+. To use this feature, USB debugging (under Settings -> Developer options) must be enabled on the device.

Also, this feature does not work on all apps. To enable ADB backup for an app, that app must have set the android:allowbackup attribute to true in the Android Manifest (AndroidManifest.xml) XML file.

Apps like the Google Authenticator have disabled the ADB backup feature to prevent sensitive information from being extracted from the device. ADB backup will not work on such apps. An attempt to perform an ADB backup on such apps will only generate a dummy file with no valid content inside.

Perform Android ADB Backup

To perform an ADB backup, you will first need to know the package name of the app in question. For example, if you want to perform a backup of the WhatsApp application, the package name would be “com.whatsapp“.

You can get a list of the installed packages by running the pm list packages command from the ADB shell.

$ adb shell pm list packages

Another easier way is to extract the package name from the app’s Google Play Store web URL. For WhatsApp, the URL is https://play.google.com/store/apps/details?id=com.whatsapp and the package name can be found after the “id=” field.

To perform a backup, connect the phone to the computer via USB and run the ADB backup command. If you want to backup WhatsApp, run adb like this:

$ adb backup -f com.whatsapp.ab -noapk com.whatsapp

This will trigger a confirmation dialog prompting you to authorise the backup on your phone as shown below. Click on the “Back up my data” button without providing a password. The backup will start only after you click on the button.

adb backup prompt

Wait for the ADB backup command to complete. It may take a while, depending on the size of the data to be backed up. The backup will be written to the file specified in the “-f” option, in our case, it’s “com.whatsapp.ab“. The “.ab” extension indicates Android Backup. The “-noapk” option means that a backup of the .apk file is disabled and only the contents are backed up.

Extract from Android ADB Backup

The ADB backup can be converted to a TAR archive in two steps. First, we strip the 24-byte header. Once stripped of the header, we will have to decompress the raw zlib data using openssl.

$ dd if=com.whatsapp.ab ibs=24 skip=1 | openssl zlib -d > com.whatsapp.tar

Another way is to use the tail command instead of the dd command to strip the headers.

$ tail -c +25 com.whatsapp.ab | openssl zlib -d > com.whatsapp.tar

You will now be able to extract the file using the tar command.

$ tar xvf com.whatsapp.tar

Restore / Repack Android ADB Backup

To restore the original Android Backup archive, run adb like this:

$ adb restore com.whatsapp.ab

But if you have made changes to the contents of the files stored in the tar acrhive, you will need to recreate the ADB Backup archive. To do this, we will have to compress the tar archive and append the 24-byte header found on the original Android Backup file.

We will also need the original Android Backup file “com.whatsapp.ab” to extract the header information. If you do not have the file, just perform an ADB backup on a package to create the backup file. All Android backup files have the same header so the header can be extracted from any Android Backup file.

$ dd if=com.whatsapp.ab ibs=24 count=1 of=com.whatsapp-restore.ab ; openssl zlib -in com.whatsapp.tar >> com.whatsapp-restore.ab

Alternative way is to use the head command instead of the dd command.

$ head -c +24 com.whatsapp.ab > com.whatsapp-restore.ab ; openssl zlib -in com.whatsapp.tar >> com.whatsapp-restore.ab

We are extracting the header information from the file “com.whatsapp.ab” and writing it to the file “com.whatsapp-restore.ab“. Next we compress the tar file and append the output to the file “com.whatsapp-restore.ab“. Once the file is written, the contents can be restored from the backup archive “com.whatsapp-restore.ab” via ADB.

$ adb restore com.whatsapp-restore.ab

ibrahim = { interested_in(unix, linux, android, open_source, reverse_engineering); coding(c, shell, perl, php, python, java, javascript, nodejs, angular, react); plays_on(xbox, ps4); linux_desktop_user(true); }