![dollar to naira black market rate dollar to naira black market rate](https://techorganism.com/wp-content/uploads/2019/09/Pounds-to-naira.jpg)
At this point, we can break down the code looking at each IF and ELSE IF and determine what values are needed. This will help us understand what we need to do in order to simplify the completion of this challenge. We take another approach and examine the decompiled Java code.Ī quick Google search will help you understand what is the point of the OnFling() method as well as its parameters. As I mentioned previously, looking at ARM assembly is not as pleasant as x86.
![dollar to naira black market rate dollar to naira black market rate](https://www.tori.ng/userfiles/image/2020/dec/02/naira-dollar.jpg)
If you look at those ten functions, most of them have a loop with some sort of bitwise operation, which tells me there is some decoding going on. Looking at that function and using IDA’s ‘Xrefs from’ we see it calls ten other functions. Looking at the other method ‘well()’ we can see it calls a function (Note: I have renamed this function) ‘well_func1_F8C’. It coincides with the fact that this method, after being called, returns a value that is used as a string in displaying text. If you remember, we saw this text when we loaded the app in our emulator. By looking at the code, we can tell that its loading a string “Your eyes can se so cruel” and then returns. Examining ARM assembly hurts my eyes more than looking at x86 assembly, but we will attempt to analyze these methods a bit. Under exports we see the native methods we previously found in our decompiled Java code. Let’s switch over to IDA for a bit and examine the native library. Using this key gives us the following result: Based on the checks encountered, we can conclude that the provided key must be that of ‘BAdPuzzl3r!?’. The string of ‘aNoJ’ is then concatenated at the end. Taking everything learned, we can conclude that the application is looking for a key of length 12. To make things slightly more difficult, function overloading is also used to make reversing a bit trickier. Also, string obfuscation was used via the l1() and llll() functions, which unhex and XOR strings respectively. In addition to everything encountered, various red herring code snippets are included to waste the reverser’s time. An embedded Garbage.jpg is read and attempted to be decrypted against the provided key if all of these conditions are met.Finally, further checks are made against the last two bytes of the provided key, looking for ‘!’ and ‘?’.The same checks are performed against the 9 th and 10 th characters, looking for ‘3’ and ‘r’ respectively.The 5 th through 8 th characters of the provided key are checked against a long embedded string, looking for a value of ‘uzzl’.Reversing this process allows us to conclude the application is looking for an inputted string of ‘AdP’ at bytes 2 through 4 of the provided key. The 2 nd through 4 th characters of the provided key are XORed against a key and checked for a result of ‘DIE’.The first two characters are stored to a variable and later used in the key (‘No’). Based on all possible manufacturers, we can conclude that this code is looking for a string of ‘Nokia’. The SystemManufacturer is checked for a length of 5 and the last three characters of ‘kia’.The embedded MrBurns.jpg file is loaded, and the 7th byte is read and later used in the key (‘J’).The first byte of the provided key is checked for an ordinal of 66, or the character ‘B’.The 6th byte of this string (‘a’) is stored to later be used in the key. Checks to see if the SystemProductName starts with a ‘V’, which it should since our previous check was looking for ‘Virtual’.The code then makes the following checks: However, should it have a length of 12, code execution proceeds. If the key does not have a length of 12, a random error message will be returned. The length of the key is first inspected. If the user makes it this far, the code will start looking at the provided user input to determine if the correct key is provided.
![dollar to naira black market rate dollar to naira black market rate](https://miro.medium.com/max/1400/0*Ha4LTnlKOerpxDTH.png)
![dollar to naira black market rate dollar to naira black market rate](https://i1.wp.com/infomediang.com/wp-content/uploads/2021/11/enaira-vs-USD-to-Naira-black-market-rate-e1635951622325.jpg)
If we follow what is passed to setOnClickListener, it points to a class ‘b’ which has the function OnClick.įigure 4 One of the many error messages encountered Inside the onCreate function we see setOnClickListener. If you recall from loading the app into the emulator, we saw a button so this leads us to believe a function handles the action of clicking it.
#DOLLAR TO NAIRA BLACK MARKET RATE ANDROID#
This is the first callback when an Android application is started. In order to trace it back, we need to look for the onCreate function. We need to find where this function is being called from and the char array that is passed as an argument. Inside that function we have an array of int’s, which if we were to guess, is the encoded flag. We immediately notice a function that takes an array of char as a parameter and returns an array of char. We can go straight into viewing smali code or we can use Bytecodeviewer.īy examining the code, we can see decompiled code in java. At this point we can start analyzing the app’s code. Seems the app is doing some checking for the email and password.