Reverse Engineering a Flutter app | English | Release Mode | IP Security Labs | Erode
ฝัง
- เผยแพร่เมื่อ 4 ต.ค. 2024
- In this video, we dive into the fascinating world of reverse engineering by exploring a Flutter Android application in release mode. You might remember our previous video where we tackled reverse engineering in debug mode for an Android application.
In this capture the flag challenge, we take you through the entire process step by step. We start by launching the Android emulator and running the application. The app's behavior is simple - it displays 'password wrong' until you enter the correct password.
Reverse engineering a Flutter app is a bit different, as there are no straightforward tools for it yet. But we're determined to uncover the flag hidden inside the app. With the help of Apktool, we decompile the application to access its metadata, and from there, we explore the native shared object libraries.
Our journey takes us through the 'lib' folder, where we discover the 'libflutter.so' containing the Flutter Engine and the 'libapp.so' with the application logic. Though it's a stripped binary, we're determined to find the flag.
To maximize our chances of capturing the flag, we first identify the common flag format - 'IPSEC{}.' Armed with this knowledge, we search for strings within the .so file to find the flag we're after.
After successfully locating the flag, we copy and paste it into the running application, and 'voilà,' it's correct! We've cracked the code.
It's worth noting that Flutter app reverse engineering is challenging due to continuous updates and the lack of dedicated tools, but we've demonstrated that it's not impossible.
Disclaimer: This video is for educational purposes only, and we do not encourage or condone any illegal activities. It's essential to use your knowledge and skills responsibly and ethically.
Thank you for watching this exciting journey through reverse engineering. If you found this video helpful or interesting, don't forget to like and subscribe for more tech-related content. Stay tuned for more IP Security Labs challenges and insights!
APK Link:
github.com/Abh...
IP Security Labs | Flutter Pentest | Android Penetration Testing | Flutter Security | Erode | Ethical Hacking - วิทยาศาสตร์และเทคโนโลยี
![เปิดบ้าน พี่ตูน Bodyslam หลังใหม่คนแรก ที่ภูเก็ต l [Nickynachat]](http://i.ytimg.com/vi/flFwcmyDQSk/mqdefault.jpg)
do you have tg ?
🔥🔥🔥
❤️🤩
Any ideas with obfuscate flutter?
Ida pro might work
@@ipseclabs wow how to?
@@ipseclabs totally new with ida.. Known just Android you know blutter, Reflutter. Well it's not works for obfuscate flutter..
Yeah, most of current flutter reversing tools won't work with obfuscated stuffs
You just put libapp.so from flutter app into uda pro and start digging.... It's totally straight forward approach I guess.
@@ipseclabs wow looking interesting thanks for information I will try that 👌
How to use it in windows ?
How to install strings tool in Windows
Thanks❤
more < FILE_PATH.exe | findstr "."
This may work