How to Extract Sandbox Data of an Android App

Recently, I encountered an issue reported by one of my beta testers — a crash in the production version. Despite digging through the code, I was unable to reproduce it locally. After some investigation, I suspected the problem might be related to cached data in the app's sandbox. I decided to extract that data to see if it could help me identify the issue.

There are a few ways to approach this:

Root the device and access the sandbox with a file explorer. This works but breaks security guarantees and isn't recommended — especially on a real device. You can do it on an emulator, but the process is more involved.
Use ADB (Android Debug Bridge) — the cleaner, non-destructive approach, and the one I recommend.

Android Debug Bridge (ADB) is a versatile command-line tool that lets you communicate with a connected device. It facilitates a variety of device actions — installing and debugging apps, and providing access to a Unix shell to run commands on the device.

The process has two steps:

Get a backup from the desired application.
Extract the backup file.

Step 1: Get a Backup from the Application

First, confirm your device is connected:

adb devices

Then create a backup of the target app (without the APK itself):

adb backup -noapk <packageName>

The backup file will be generated in the current directory of your terminal with the extension .ab.

Step 2: Extract the Backup File

The .ab file is compressed with DEFLATE and encrypted with AES. To unpack it, you'll need a tool like android-backup-extractor.

Navigate to the extractor directory and run:

java -jar abe.jar unpack <path/to/backup.ab> <path/to/backup.tar> ""

This produces a backup.tar file that you can extract with any standard archive tool. From there you can browse the full contents of your app's sandbox — databases, shared preferences, cached files, everything.

Hope this helps next time you're chasing a ghost crash. Have feedback or questions? Feel free to reach out on Twitter.