Hi,

I want to reverse engineer api of an Android app to make a custom client that works on linux. I have good understanding of Linux, Networking and coding.

Where should I start? Is it too hard?

  • vzq@lemmy.blahaj.zone
    link
    fedilink
    arrow-up
    17
    ·
    edit-2
    11 months ago

    You configure your traffic to get routed through a man in the middle proxy. If you get certificate errors you can’t ignore, you need to use something like Frida to remove the certificate checks/pinning.

    After that you look at the plaintext requests. Odds are that there is an authorization system you need to figure out. Again jadx/Frida is your friend.