This app is the love of countless otaku, also known as the "gun artifact", its registered users have reached 80 million, but heard that they are very strict protection of the app, to prevent users from packaging two times. Now let's analyze how secure this app is.
First of all, we analyze the next two packaging protection, we first go to the Internet to find the app's installation package, unpacked--------------and run. found that when we log in, we will be prompted that the signature information is inconsistent, resulting in the inability to log in. After analysis, he is to upload the APK signature information to the server and then verify, and then we need to find him to get the sign
Name information, such as:
Ok, the way to get the signature information has been obtained, now we have to do is to change his signature information for the signature string we obtained from the original package, such as:
In this step we can bypass his two-time package protection, can log in.
Secondly, for this social app, the user's account password is also very important, below we will analyze how to obtain the user's account password, such as:
Easily free to get the user's account password ... Speaking of the heart is a little excited, may wish to try.
Security analysis for a social app