Post number #288998, ID: 0456df
|
Just found la/u/ncher on Google play, is there something to hack in this app? Should i reverse-engineer this app? Or have anyone tried before?
Post number #289002, ID: 29b105
|
why
Post number #289020, ID: 80c7d5
|
The better question is why not and What we waiting for? We need check if is dangerous or saferous The weak part is we has been indexed for freaking Google
Post number #289028, ID: 0456df
|
Well i really don't know the app and what it is making it special. Should it always stay private? Is it a darknet replica? Should the packets sent from client to server be extremely encrypted?
Post number #289031, ID: a8cb45
|
>reverse engineering an already Free and Open-Source app https://github.com/nilesr/united4
Post number #289035, ID: 0456df
|
>>289031 Reverse engineering is not only the proccess of understanding what the app does. I mean maybe we can find some security bugs? Maybe we can improve the app's functionality?
Post number #289037, ID: a8cb45
|
>>289035 I believe that's called contributing and testing.
Post number #289043, ID: 0456df
|
>>289037 I think it's called contributing or testing when the developer does it. Not the users. Anyways, what would you do if you had the chance to hack anything in this app? What would benefit?
Post number #289065, ID: 2ff48f
|
It's a fucking game-inspired textboard.
Post number #289097, ID: 94434f
|
Too late, it has been sending your smol dick pics to the server
Post number #289182, ID: 29b105
|
>>289043 And it's called reverse engineering when the users do it??? I'm confused, if you'd like to contribute to the app you can just fork the repo, and fuck that shit up.
Post number #289217, ID: ee3703
|
>>289182 You may be right, forget it, let's just call it beep-boop, so what should we beep-boop in this app?
Post number #289220, ID: 2f499e
|
I have already checked the app source code its a great app i can tell you but it dose not completely seal your identity.Packages can still be "cached" and identified they way anonymity works is more for those who use it and i have no problem with that is still great.
Post number #289225, ID: 8f84d1
|
>>289043 The thing about FOSS is, that any user can become a developer, only restricted by knowledge and skill but not by license policy.
Post number #289258, ID: eb4c20
|
Use the website. Problem solved.
Post number #289432, ID: d52f84
|
But it uses the bad HTTP. No 'S' in there. It's a 'S'ecurity hole
Post number #289436, ID: ee3703
|
Is there any feature in this app like "see all the posts by user id : xxxxxx" ? If not, it can probably be done by writing a simple bot.
Post number #289509, ID: 3ebb88
|
>>2ff48f Exactly. Stop trying to figure the meaning of this app
Post number #289532, ID: 994645
|
>>289509 That's what they would say!
Post number #289793, ID: 8f84d1
|
>>289432 You sure no SSL is used in the app? Because the website has SSL.
Post number #289803, ID: 712a58
|
>>289793 Using SSL doesn't help by itself, you have to use SSL pinning too. Otherwise a reverse engineer can read the encrypted data with a custom SSL certificate. Even though the pinning is bypassable too, it can prevent webrequest sniffing in most cases if it's done properly.
Post number #289851, ID: eb4c20
|
>>289803 And the app solves this shortcoming, how?
Post number #289858, ID: 712a58
|
>>289851 Haven't inspected this app yet, but if their server uses SSL but the client (the app) doesn't have SSL pinning, it's nonsense. Pinning means the client allows you to connect with a specific certificate only. So you can not use custom ones to decipher data.
Post number #290811, ID: fb69c9
|
Lain is so putting this thread on his watchlist
Post number #290890, ID: 4ee4aa
|
>>290811 >his Did you just assume Lain's gender to be male?
Post number #290951, ID: 8ddfd7
|
ITT people discuss reverse engineering the app, and Lain fixes stuff in the background
Post number #291035, ID: 3d4b64
|
Did you just assume it may be wrong
Post number #291637, ID: 80c7d5
|
>>290811>>290890 heresy
Total number of posts: 28,
last modified on:
Fri Jan 1 00:00:00 1526984010
| Just found la/u/ncher on Google play, is there something to hack in this app? Should i reverse-engineer this app? Or have anyone tried before?