Reverse Engineering question. - Android Q&A, Help & Troubleshooting

Hello guys.
I friend of mine is challenging me to hack his application but I ve a little problem. I think it should be easy to do for you guys but I m noob and I need more informations.
In the application when I click a button a Webview is opened and a link is loaded. In this link I should put some informations. If the informations are correct the website loaded in the webview (or the server in which is hosted) comunicates to the applications that the informations are correct and the application unlock some cool functions I can use. My task is to find where the application retrieve these informations from the webview in order to change the verification method orin order to find where the application unlock the cool functions (but I m sure that if I find where the application is getting data from the webview I can find the rest). The problem is that I can't find nothing that is comunicating with the webview.
Can you suggest me if there is some functions or classes that are able to comunicate with webview or website?? Or if there is a fast way to find the function used ??

Related

[Q] web application

guys i have create a web application with php and i use android device! i have a problem...
when i use some time tha application the browsers of the android starts to lag!!! and i must close the browser and open agen!!
evrything else works ok!! and when i restart the browser then works ok for some time and tha shame!!
so i qurius if i have some php coding problem or the android browsers have problem
ps whin i try to use the site from my pc never lags!!!
thanks
Is it possible it's your Device/ROM? More information would be helpful. What is your device/ROM, what is your website etc. Also, this is the wrong section. It need's to go in the Questions/Answer section.
thanks for reply!
my device is galaxy player 5.0 and my web aplication is a general order aplication with mysql data display and some order forms, simple php-html (not javascript)
sory for the wrong section

[Q] Device-agnostic application to access root privilege

Hello everyone!
I am creating an application which needs access to root privileges in order to be able to modify Call Manager given in the Android OS framework.
While I have been able to create an sample application with the help of a platform signature, but this solution is ROM-specific and we really need a way to develop an application which works on multiple platforms.
Any ideas/pointers would be deeply appreciated.
Thanks,
Vincent
Hi all,
I am still looking for an answer, but in the meanwhile I found that sharedUserId uses platform signature for accessing internal/hidden classes.
This is exactly what we have been doing and would like to know if we can have an alternate way to access and modify internal classes without using platform signature.
Thanks

[Q] How to trace or debug an application?

Hi,
I am a newbie...I have an application on my samsung galaxy s3 which I want to trace. It's a rooted device.
The application is for printing.
I want to know what is happening internally when a go through the various steps in the said Application. Is there any way to trace it or debug it in the phone itself or on my system through ADB or something else??
The application also downloads something from the internet during printing...Is there any way of knowing which link its downloading from??
I have gone through a few links on the internet on debugging android apps. and now I am really confused.
Thanx
-Sahil
Please somebody reply...
Is it even possible to debug an existing application ( and the application is paid)??
I only have the apk of the application and not the code....

[Q] Is there a link from Chrome or Gmail to the Android Device Manager

If you need to navigate to the Android Device Manager to locate or shut off your lost Android phone - does anyone know where to find a direct link to the page in Chrome or Gmail?
I think that memorizing the actual address of that page is unlikely to succeed when you are in a mild state of panic over a lost device. And there is no way to know whose device or PC you will use to locate your lost one. Is there an icon or link in a logical place in Chrome or Gmail? I can't find it.
Thanks very much.

Urgent help please

dear community i hope everyone are doing fine, so am gonna go straight to the point
i have a Magisk on both mobile and emulator with all important plugins installed + Frida well installed + many http interceptors + installed the http interceptors certificates in the root ...
- now i have a game that i want to mod and i want to explore as well. the problem is i spent the last 4 days decompiling it and reading it's source code and i couldn't find any urls i even tried using frida to bypass the ssl pinning and i did bypass the ssl pinning and the root detection and still no links and when i use burpsuite the game show other links that has no relation to the game api.
also to mention that when i use this tool HTTP Toolkit and i setup the tool with adb to intercept the calls the game says that the connection to the server is lost and game freezes .
i tried every possible solution before coming here trust me and the last thing is i found these errors in the output from frida which i couldn't find in the source code because there is no functions named
HTTP.SecureProtocol.Org.BouncyCastle.X509.Store
BestHTTP.SecureProtocol.Org.BouncyCastle.Crypto.Tls
......................................
now my question is : can someone give me any idea on how to get the requests without letting the game freezes
another question : if the links aren't present in the apk source code from where the tool is getting those links to perform the api calls
third question : is this has any relation with libraries .so ?
-----------------------
Game Url : https://play.google.com/store/apps/details?id=com.lockwoodpublishing.avakinlife&hl=en&gl=US
------------------------
i hope i can get some help from your guys and thanks in advance ^^
up

Categories

Resources