Open sarandafl opened 2 years ago
Dear @sarandafl
Thanks for your feedback and sorry for my late reply.
You are absolutely correct about how I acquired `SECRET`, `SALT`, etc. The procedure is generally as below:

1. Download the latest version of the target APK from 3rd-party sources such as apkmirror.com.
2. Decompile the APK using any of the tools available out there. I used the following steps, if I recall correctly:
   - Rename the `.apk` extension to `.zip`.
   - Extract the `classes.dex` file and issue the following command: `d2j-dex2jar classes.dex`
   - Open the resulting JAR file with the JD-GUI application and voila. You'll see the source code.
3. After finding the required data, you might also analyze the source code to find out what algorithm is used. Then, it would be easy to simulate their authentication mechanism.

Please note that, during the debugging, network monitoring tools such as Wireshark are of great value. You might set up a custom network to be able to monitor every packet that your target APK is sending out or receiving. Monitoring the packets sent over SSL is also possible but out of scope of this thread.
Hope this helps.
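As an added example (not code from the issue author or from this project): the constants you hunt for in JD-GUI after the dex2jar step are string literals, and string literals live in the DEX string pool, which can be dumped straight from `classes.dex` without decompiling. The script below opens an APK as the zip file it is, finds every `classes*.dex` entry (multidex apps have several), walks the DEX header to the `string_ids` table, decodes each MUTF-8 entry, and flags two kinds of candidates: identifier-like names that hint at credentials (`SECRET`, `SALT`, `OAUTH_TOKEN`, ...) and long opaque hex/base64-looking values that could be the key or salt itself. The regexes, the sample strings, the fake hex/base64 values and the in-memory two-DEX APK are all constructed for this example; the DEX bytes it builds carry only a string pool and are not loadable by Android.

```python
import io
import re
import struct
import zipfile

# Magic values for DEX versions 035 to 039.
DEX_MAGICS = (b"dex\n035\x00", b"dex\n037\x00", b"dex\n038\x00", b"dex\n039\x00")

# Triage heuristics (assumptions of this example, not part of the DEX format):
# credential-like identifier names, and opaque hex/base64-alphabet values of
# 24+ chars that could be a key, salt or token. Long plain member names will
# also match the second one; it is a first pass, not a classifier.
NAME_RE = re.compile(r"SECRET|SALT|OAUTH|TOKEN|API_?KEY|PASSWORD", re.IGNORECASE)
OPAQUE_RE = re.compile(r"[A-Za-z0-9+/=_-]{24,}")


def read_uleb128(buf, off):
    """Decode one unsigned LEB128 value; return (value, offset after it)."""
    value, shift = 0, 0
    while True:
        b = buf[off]
        off += 1
        value |= (b & 0x7F) << shift
        if not b & 0x80:
            return value, off
        shift += 7


def encode_uleb128(value):
    out = bytearray()
    while True:
        byte, value = value & 0x7F, value >> 7
        out.append(byte | 0x80 if value else byte)
        if not value:
            return bytes(out)


def dex_strings(dex):
    """Return every entry of a DEX file's string pool, in pool order."""
    if dex[:8] not in DEX_MAGICS:
        raise ValueError("not a DEX file")
    # header_item: string_ids_size at 0x38, string_ids_off at 0x3C (uint32 LE)
    count, ids_off = struct.unpack_from("<II", dex, 0x38)
    strings = []
    for i in range(count):
        (data_off,) = struct.unpack_from("<I", dex, ids_off + 4 * i)
        # string_data_item: uleb128 utf16_size, MUTF-8 bytes, NUL terminator
        _utf16_size, pos = read_uleb128(dex, data_off)
        end = dex.index(b"\x00", pos)
        raw = dex[pos:end].replace(b"\xc0\x80", b"\x00")  # MUTF-8 encodes NUL as C0 80
        strings.append(raw.decode("utf-8", "surrogatepass"))  # surrogate pairs kept as-is
    return strings


def apk_dex_entries(apk_bytes):
    """Map classes.dex, classes2.dex, ... to their bytes (an APK is a zip file)."""
    with zipfile.ZipFile(io.BytesIO(apk_bytes)) as z:
        return {n: z.read(n) for n in z.namelist() if re.fullmatch(r"classes\d*\.dex", n)}


def scan_apk(apk_bytes):
    """Per DEX entry: pool size, credential-like names, opaque key-like values."""
    report = {}
    for name, dex in apk_dex_entries(apk_bytes).items():
        pool = dex_strings(dex)
        report[name] = {
            "total": len(pool),
            "named": [s for s in pool if NAME_RE.search(s)],
            "opaque": [s for s in pool if OPAQUE_RE.fullmatch(s)],
        }
    return report


def build_sample_dex(strings):
    """Constructed test data: a minimal DEX holding only a string pool (BMP chars only)."""
    strings = sorted(strings)  # the real format keeps string_ids sorted
    header_size = 0x70
    ids_off = header_size
    data_off = ids_off + 4 * len(strings)
    data, offsets = bytearray(), []
    for s in strings:
        offsets.append(data_off + len(data))
        body = s.encode("utf-8").replace(b"\x00", b"\xc0\x80")
        data += encode_uleb128(len(s)) + body + b"\x00"
    header = bytearray(header_size)
    header[:8] = b"dex\n035\x00"
    struct.pack_into("<I", header, 0x20, data_off + len(data))    # file_size
    struct.pack_into("<I", header, 0x24, header_size)             # header_size
    struct.pack_into("<I", header, 0x28, 0x12345678)              # endian_tag
    struct.pack_into("<II", header, 0x38, len(strings), ids_off)  # string_ids size/off
    struct.pack_into("<II", header, 0x68, len(data), data_off)    # data size/off
    return bytes(header) + b"".join(struct.pack("<I", o) for o in offsets) + bytes(data)


# Constructed sample pool; the hex and base64-looking values are made up.
SAMPLE_STRINGS = [
    "Lcom/example/app/Auth;", "Ljava/lang/String;", "onCreate",
    "OAUTH_TOKEN", "SECRET", "SALT",
    "https://api.example.com/v1/login",
    "b7e4c1a9d2f08356e1c4a7b9d0f2e3c5",
    "c2FsdC12YWx1ZS1wbGFjZWhvbGRlcg==",
]


def build_sample_apk():
    """Constructed multidex APK stand-in, built in memory."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as z:
        z.writestr("AndroidManifest.xml", b"<placeholder/>")
        z.writestr("classes.dex", build_sample_dex(SAMPLE_STRINGS))
        z.writestr("classes2.dex", build_sample_dex(["Lcom/example/app/Util;", "SALT_LENGTH"]))
    return buf.getvalue()


if __name__ == "__main__":
    for entry, info in scan_apk(build_sample_apk()).items():
        print(entry, info["total"], "strings; candidates:", info["named"], info["opaque"])
```

On a real APK, pass the file's bytes to `scan_apk()` and then confirm each flagged name in JD-GUI, where the decompiled class shows which constant is assigned to it and how it is used; the string pool is sorted, so a flagged name and its value will not sit next to each other in the dump.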
Do you mind sharing how you were able to get the `OAUTH_TOKEN`/`SECRET`, as well as the Salt value? Would be great for future reference and other projects. I assume from a reversed APK? Great work btw!