Man in the middle attacks demo + Reverse Engineering Attacks on users - what they do, what their credentials are Communication types: ● Browser + HTTP ● Browser + HTTPS ● Browser + HTTPS + HSTS (HTTP Strict Transport Security) ● App + HTTP/HTTPS ● App + certificate pinning Simplest how-to 1. You must earn the power of hacking by passing the steps with your own skills and knowledge 2. You must have two network adapters - either ethernet+WiFi, or a WiFi dongle 3. Download and install Burp, understand how Burp certificate works 4. Either set up Burp proxy (it's IP and host) to your phone's advanced WiFi settings Or setup transparent proxying via Iptables (on Linux): iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-ports 8080 iptables -t nat -A PREROUTING -p tcp --dport 443 -j REDIRECT --to-ports 443 And in Burp, listen on these ports on the interface of your WiFi adapter Attacks on applications - functionality, structure, logic, security, keys.. ● App + installed certificate ● Reverse Engineering ● MITM Reverse Engineering Apktool http://ibotpeaches.github.io/Apktool/ A tool for Reverse Engineering resources nearly to their original form ● Layouts, colors, strings... ● Android Manifest ● Smali code - debuggable, better readable than byte code Cmd command: apktool d app_name.apk Reverse Engineering Dex2jar ● Decompiles compiled Java classes to .jar files to nearly their original form ● Jar files can be opened in tools like Luyten https://github.com/pxb1988/dex2jar https://github.com/deathmarine/Luyten/releases 1. Unzip .apk file 2. sh dex2jar/d2j-dex2jar.sh unzipped_dir/classes.dex 3. Drag and drop created classes.jar to Luyten and read :) Reverse Engineering Where to hide secret keys in Android apps? Native code!!! Is not Java and is decompiled much harder :)