Apktool VS CyberChef

App tampering and repackaging can be performed by using reverse engineering or tampering tools, such as Apktool, dex2jar, etc.

Apktool made by iBotPeaches, this uses v2.9.1

Can someone clarify what "PP tools" are, and provide a link to them? I came across this link (https://apktool.org/) but I'm not sure if it's the right tool.

Apktool is all you need most of the time.

But it'll still be editable and we can make something good out of it. One of the famous ones, that I'm planning to use is ApkTool(https://ibotpeaches.github.io/Apktool/).

I did a dissection of twitter apk (got from apk pure) with apktool, and I found permission :

Not sure. I started reverse engineering Java apps very early in my life — initially it was J2ME games. Decompilers of the time sucked but that didn't stop me from modding Gravity Defied :P

I honestly don't know what's a good way of getting started on reverse engineering. There's a bunch of everything about Windows executables in particular, including "crackmes", but native machine code is a level up from JVM bytecode. Java classes and Android dex files can be decompiled back to sensible source with a good chance that you get something that can be compiled again. No such luck for native code — C/C++ compilation is a lossy process by its nature, especially the optimizations. Ghidra does a decent job but still requires a non-zero amount of manual assistance. Flash games also were good to hone one's reverse engineering skills since ActionScript decompilers did a pretty darn good job.

Anyway. To decompile dex to Java source, there's jadx: https://github.com/skylot/jadx

Since decompilation is sometimes lossy, there's apktool for when you want to put the app back together after tinkering with it: https://github.com/iBotPeaches/Apktool

It goes without saying that you also need a JDK and the Android SDK. In particular, you need apksigner form the SDK to sign the unsigned apks generated by apktool. You can also automate things a bit and use adb to deploy them to your device.

What I usually do is get a high-level overview of the app in jadx, and then modify the smali (dalvik bytecode in text form, very assembly-like) files generated by apktool.

I am not game or android app dev, but you might first need to de-compile apk using tools like https://ibotpeaches.github.io/Apktool/

Then we take the encrypted text and use CyberChef to decrypt it.

Let's go to CyberChef and insert our pieces of evidence.

A parameter was changed from '2AMBCgIQBg' to 'CgIIAdgDAQ%3D%3D' which is just the correct base64 encoding they should have been using the entire time.

I don't think this was a hostile action by Google, I think someone just added better input validation for security reasons and it accidently broke the bad requests they were sending.

https://gchq.github.io/CyberChef/#recipe=URL_Decode()From_Ba...

❗This is indeed the flag, but the text is encrypted with Base64. Usually, the presence of padding character "=" indicates that's Base64 type of encoding (but that's only one of the hints). To decrypt it, we can use CyberChef. Copy-paste the text and we either:

It uses a combination of magic bytes (like the `file` command), entropy analysis and character frequency detection to determine whether an output is likely to be of interest to the user.

The file type mechanism is written here[0]. There's a list of all signatures we detect here[1].

[0] https://github.com/gchq/CyberChef/blob/master/src/core/lib/F...

I think this can be deciphered using CyberChef...