This the second and final writeup of Android challenges which was given in 8st Sharif CTF. I’ve wrote about the team and place in the previous post. The writeup begins …
Knowing all possible web paths in the world is the initial step for making a search engine (SE). By means of SE one can analyze the web for the material he/she likes. In normal Domain Name System, each TLD provider (Top Level Domain) can sell or release list of all its domains. As an example .com TLD can sell or release all the domains which are end with “.com“. But the problem is more complicated in TOR (or other hidden service providers). In this post I will talk about my tool named Onion Harvester and how to find initial points for finding hidden services to be crawled.
I’ve met 2048 game many years ago. It is an addictive game witch takes lots of time from the player. 🙁
So what should I do if I want to have high score and save time? Here is where Smali takes part. 🙂
In this post I will describe how to inject into Android 2048 game and change the score! Continue reading Smali Code Injection: Playing with 2048!
In this post I wanted to demonstrate a simple code injection example in Android. As indicated in previous posts about reversing java, the method of code execution is same in Android. Whereas Java, the BYTE CODE are SMALI codes here and the executor is Dalvik (recently ART) in Android (not JVM). Here in this post, I will describe shortly how to reverse and inject code in SMALI.
Recently I’ve interested in byte code structure of Java and Dalvik. I’ve found some useful tools for playing with them.
Destination Byte Code
Java byte codes are simple to reverse engineering because they compile in run time. i.e. JVM will execute the byte codes in run time, thus Java code is cross platform but executes with more delay than direct compiled machine codes (for example using C++ and gcc).