Reverse Engineering the Drexel One API
Tomer Shemesh
774

Hi Tomer, nice article!

The website you linked works pretty well, but only if the app has not been obfuscated with ProGuard. I’d recommend to use DeGuard by ETH Zürich which is also available online but will produce better results than the site you linked.

Also, to capture packets with Android (without root), there’s an app called Packet Capture which you can find it the Google Play Store. It uses MITM-Attacks to decrypt SSL. I found it require less effort — the only downside of it being, that you have to get the files from your phone if you want to access them on your computer.

Otherwise, what a coincidence, this is what I’ve been doing for the last few days.

One clap, two clap, three clap, forty?

By clapping more or less, you can signal to us which stories really stand out.