Malware analysis technology is important for Android security. However, existing Android malware analysis approaches, both static approaches and dynamic approaches, have their own advantages and drawbacks. In this paper, by combining static and dynamic approaches, we propose the forced execution technique for Android apps to automatically extract their hidden information such as encoded URLs, promoting the security evaluation of Android apps. Our approach firstly searches some execution paths leading to critical functions based on static analysis. Then, by monitoring the control flow conditions of the target app, code on the selected paths is forcedly executed. In this process, an exception-tolerated execution sandbox is designed to ensure that selected execution flows finally reach the critical functions. Thus, important parameters related to the functions can be extracted with high probability. The main advantage of our approach is that the whole process is completely automatic and does not require complicated input contexts for the execution. We have implemented the prototype system ForceDROID. And two scenarios aiming at network connections and shell commands are designed to evaluate the effectiveness of our approach.