I seem to have a knack for finding the hardest problems to start with. Anyway I
thought I would have a look at doing some android reverse engineering on a
local transit app.
First you will need to get the apk application bundle for the app you want to
have a look at. If you have the app installed on your phone this is really easy
to do with
adb
.
$ adb shell
anddroid$ pm list packages
package:com.google.android.youtube
package:com.android.providers.telephony
...
package:com.android.documentsui
package:com.android.externalstorage
package:com.test.testapp
anddroid$ pm list packages | grep testapp
package:com.test.testapp
anddroid$ pm path com.test.testapp
package:/data/app/com.test.testapp/base.apk
anddroid$ exit
$ adb pull /data/app/com.test.testapp/base.apk
Now you will have the apps apk as
base.apk
and feed it to
jadx
. jadx is
a dex to java decompiler with a pretty gui and the ability to deobfuscate code.
When you fire up jadx with the apk you will get a complete break down of the
apk bundle and decompiled classes.
At this point you should see the decomiled classes, but as I said I am great at
picking hard targets. There is some decompiled java here, but there are also
mono packages and a load of dlls shipped in the assemblies directory.
As I said, great at picking hard targets. To get further with this I shall have
to find a c# decompiler, they seem to be quite common.
Reading:
Little Brother, Transmetropolitan
Today has been a very slow start, most of yesterday was spent drinking shows and
playing with radios. I wanted to post a gif from twitter, but my brain isn't
work well enough to figure out how on earth to get hold of one.:
I can embed a tweet here using the code twitter gives me, but the media preview
doesn't seem to work. There aren't any errors in the console or in the network
debugger in firefox.
It
is
Sunday, so that
makes
seven
days
of
writing
.
Reading:
Little Brother, Transmetropolitan
Weather is horrible againg, looks like we are getting the tail end of some
dramatic weather.
Hibby
and I planned ot try some more
line of sight microwave
, neither
of us fancied climbing a hill in this storm. Instead we did a bit hf from my
QTH. Radio power meter looks mental when doing
hell
.
Reading:
Little Brother, Transmetropolitan
It is raining so hard I can hear it over my music and the rumble of the bus. It
is raining in the book I am reading. Completely unconnected events, but humans
have this thing for making patterns where they don't exist.
In this book
over centralisation leads to a complete media blackout.
Decentralisation is a core
ethical tenant
, of course I enjoy the collapse
of the media in the story.
But what can you do about centralisation?
Until the singularity you are going to be stuck as a centralised human being. I
know it sucks, but one day we will be able to move past this.
The
indieweb movement
has
great advice
for
getting started
. The
biggest single step you can take to decentralise yourself on the internet is to
have another machine to represent you.
Once you have a VPS running somewhere in the internet, you have access to an
constantly running, near permanent version of yourself.
Reading:
Little Brother, Transmetropolitan
I was pretty much dead yesterday, I didn't do anything interesting.
I signed up for an
Offensive Security Newsletter
from
Phobos Group
.
I don't normally take corporate output directly, the
people behind
Phobos
have a track record of doing awesome things. The first issue appeared today,
certainly worth a read.
I have been thinking about adding more automation into my...I dunno life? This
morning I was thinking about using post tags to automatically cross blog to
reddit. I think that might work for well for
hacking
,
radio
definitely has a home in the ham subreddits.
I am not sure if there is somewhere that will welcome the daily
morning
posts.
/r/Blogging
has a
weekly 'Check out my blog'
thread, but it is
limited to one post per blog per week. I wonder if there is somewhere I can
feed my daily ritual, like a
don't break the chain place
.
I will automate everything to go out the
twitter hole
, I would like to do
the tag thing to irc channels to. That might be a bit insane and self
promotional though.
Reading:
Little Brother, Transmet