Closed theWhiteWulfy closed 5 years ago
captn3m0
commented
5 years ago Thanks! Very stupid of me to miss checking Play Store :man_facepalming:
I've changed the wording slightly, hope that's fine. Instead of the PoC Video, I'd be very interested in a writeup on the QR Code, and the corresponding API that it uses.
theWhiteWulfy
commented
5 years ago Thank you! The rewording was essential as it was in first person form. I've my B.Tech final exams in the next 3 weeks and will do the writeup after that. I'll definitely write a detailed write-up on the QR Code, and the corresponding API, and update you with the link here when it is done.
I decompiled the spoofPaytm APK and updated the screen layouts and added a QR code scanner that pulled the number from Paytm's API. I tried to use this around my college, most merchants in our area wait for the payment SMS to arrive before final transaction. That was Jan 18. Last month I checked QR code API has been shut down. A friend of mine suggested to make a modified client, but it does not seem to work as such as a second refresh potentially removes the false transaction. Any more delay to server sync shows 'No Internet Error'. Since I'm feel bad, if someone defrauds unsuspecting merchants or is himself caught in a jeopardy, I'm against uploading such apps to websites where it could be generally accessed. Though if you would like I could provide a POC video.