Freaks City

When reverse‑engineering JavaScript‑heavy websites, sensitive operations such as encryption are often hidden inside Webpack bundles. By understanidng the bundle’s module system we can locate and directly reuse the relevant functions without re‑implementing complex cryptographic algorithms. This guide walks through three real‑world examples, sho ...

Problem Overview The challenge provides two files: an APK and a pcapng packet capture. The solution requires analyzing network traffic and reverse engineering the encryption implementation. Traffic Analysis Opening the pcapng file reveals standard TCP traffic. Following TCP streams and decoding the hex content exposes the application protocol: ...

Target Endpoint and Initialization The target for this analysis is the login portal of a major e-commerce platform. The primary objective is to intercept and decrypt the h5st signature parameter (version 4.7.4) and handle the accompanying CAPTCHA verification. Base64 encoded target: aHR0cHM6Ly9wYXNzcG9ydC5qZC5jb20vbmV3L2xvZ2luLmFzcHg= Request ...

Today's Objective Collect product recommendation data from the Dewu app home screen Target application version: 4.74.5 Bypassing Forced Updates # -*- coding: utf-8 -*- ''' @IDE : PyCharm @version : 3.9 @Auth : Security Researcher @time : 2024/2/25 8:01 @Description: Bypass update dialog in Dewu app ''' import frida import sys rdev = frida.g ...