How malicious applications abuse Android permissions

Introduction Many Android applications on the Google Play Store request a plethora of permissions to the user. In most cases, those permissions are actually required by the application to work properly, even if it is not always clear why, while other times they are plainly unnecessary for the application or are used for malicious purposes. … Continue reading How malicious applications abuse Android permissions →

A closer look at the security of React Native biometric libraries

Many applications require the user to authenticate inside the application before they can access any content. Depending on the sensitivity of the information contained within, applications usually have two approaches: The user authenticates once, then stays authenticated until they manually log out;The user does not stay logged in for too long and has to re-authenticate … Continue reading A closer look at the security of React Native biometric libraries →

Backdooring Android Apps for Dummies

TL;DR - In this post, we'll explore some mobile malware: how to create them, what they can do, and how to avoid them. Are you interested in learning more about how to protect your phone from shady figures? Then this blog post is for you. Introduction We all know the classic ideas about security on … Continue reading Backdooring Android Apps for Dummies →

Intercepting Flutter traffic on iOS

My previous blogposts explained how to intercept Flutter traffic on Android ARMv8, with a detailed follow along guide for ARMv7. This blogpost does the same for iOS. ⚠️ Update August 2022 ⚠️An update to this blog post was written and can be found here. It covers both iOS and Android and a convenient script / … Continue reading Intercepting Flutter traffic on iOS →

Intercepting Flutter traffic on Android (ARMv8)

In a previous blogpost, I explained my steps for reversing the flutter.so binary to identify the correct offset/pattern to bypass certificate validation. As a very quick summary: Flutter doesn't use the system's proxy settings, and it doesn't use the system's certificate store, so normal approaches don't work. My previous guide only explained how to intercept … Continue reading Intercepting Flutter traffic on Android (ARMv8) →

Intercepting traffic from Android Flutter applications

Update: The explanation below explains the step for ARMv7. For ARMv8 (64bit), see this blogpost. ⚠️ Update August 2022 ⚠️An update to this blog post was written and can be found here. It covers both iOS and Android and a convenient script / Frida codeshare to use. Flutter is Google's new open source mobile development framework that … Continue reading Intercepting traffic from Android Flutter applications →