![]() ![]() ![]() a ( paramString1 )) return new String ( paramString1 ) ![]() init ( 2, paramString2 ) // b.a is base64-decode: .binary.Base64 paramString1 = localCipher. getInstance ( "AES/ECB/PKCS5Padding" ) // MODE_DECRYPT localCipher. getBytes (), "AES" ) Cipher localCipher = Cipher. ParamString2 = new SecretKeySpec ( paramString2. After creating a layout containing two buttons, two text-views and a couple of other widgets, onCreate calls into this.g.a(): Lets start by analysing the entry-point activity MainActivity. The app contains 3 activities: MainActivity, RegisterActivity, and WelcomeActivity. The support library and the third package are boring as well, which leaves us with kr. containing the actual application core. The first package is really the Volley framework, which means we do not have to analyse it any further. The app is obfuscated using simple name mangling, no big deal. īrowsing through the Application we can see 4 packages, a.a.a, android.support, b.a.a.a, and kr. Lets extract the x file from the archive and use dex2jar to convert the Dalvik code to a jar file containing Java Bytecode, so we can decompile it with jd. The key is stored in the application, but you will need to hack the server. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |