Reverse Engineering the Drexel One API

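Through MiTM we learn that the app first obtains a key via authentication, then runs this key through a series of hashing computations to derive an authentication_key; every subsequent API call carries that authentication_key in an HTTP header. Reverse engineering the Android app shows that the authentication_key is composed of {my username}:{Utils.generateHash method}:{timestamp}. The hashing algorithm is HmacSHA1. Using the Free Online HMAC Generator, we can run a small test. Finally, the author wrote this flow up as a Python script. Ref: Reverse Engineering the Drexel One API – Tomer Shemesh – Medium…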

Win10 App Proxy

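Method 1: Visit http://www.telerik.com/fiddler, then choose "WinConfig" from the top menu and, in the window that opens, tick the apps you want to exempt from network isolation. Method 2 - Modify the registry: Removing network isolation for Win 10 UWP apps through settings - 少数派…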

Uncovering OWASP’s Mobile Risks in iOS Apps - Patrick Wardle - OWASP AppSec California 2015

On YouTube: Synack at AppSec California with Patrick Wardle from Synack. Slide. Tools mentioned in the talk: iOSOpenDev, filemon - An FSEvents client. Exploits mentioned in the talk: PuffChat, Steal WhatsApp database (PoC) | Bas Bosschert, Snapchat Security Disclosure - Gibson Security. iOS App File Structure App Binary App Binary Decryption GitHub - dumpdecrypted. It is unclear how this differs from Clutch. iOS Reverse Engineering Techniques…

Code obfuscation Detection

iOS
Change ipa to zip
Unzip the file
Run the commands below
$ cd payload
$ class-dump -H target.app -o ../raspinfo
Android
Method 1 - dex2jar
1). Download dex2jar
2). Run the command below
$ ./d2j-dex2jar.sh -f -o nino.jar target.apk
3). Download jd-gui
4). Open nino.jar with jd-gui.
Method 2…

ApplePay Related Literature

The weak link in Apple Pay’s strong chain is bank verification. Who’s to blame? | Ars Technica At this point, a bank must decide between green-lighting the customer based on the information Apple can send the bank or pushing the customer down what's called the “Yellow Path” and making…

Baidu Security Lab: The Things About Payment Security That Can't Be Said

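Baidu Security Lab: The Things About Payment Security That Can't Be Said | 雷锋网 If a parameter value contains the & or = characters, the string-to-sign and the original parameter set may no longer correspond one-to-one; that is, multiple parameter sets can map to the same string-to-sign. For example, the parameter set {"key1":"value1","key2":"value2&key3=fake_value&zend_key=a", "key3":"value3"} has the string-to-sign key1=value1&key2=value2&key3=fake_value&…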

Mobile Debugging

iOS: When you are assessing an application, attaching a debugger can be a powerful technique for understanding the application's inner workings. A couple of debuggers work on iOS and the one that works best for you will depend upon what you are trying to debug and the resources available to…

Repackaging attack

Android
There are two main approaches:
Add new Malicious Smali files
Modify existing Smali files
Example 1 Mobile Security Labs
Example 2 Mobile Security Certificate Pinning Exploit
$ keytool -genkey -keystore example.keystore -keyalg RSA -validity 10000 -alias example
$ apktool d [app_name].apk
// Modify your app
$ apktool b <app_folder>
$ mv dist/…