1
00:00:00,775 --> 00:00:01,608
-: Hi.

2
00:00:01,608 --> 00:00:02,441
Within this lecture we are going

3
00:00:02,441 --> 00:00:05,940
to continue our reverse engineering process.

4
00:00:05,940 --> 00:00:09,330
So far, we have seen the Android manifest

5
00:00:09,330 --> 00:00:11,640
and I'm going to continue browsing,

6
00:00:11,640 --> 00:00:14,070
over here we see the original folder.

7
00:00:14,070 --> 00:00:19,070
We see another Android manifest in this folder.

8
00:00:19,620 --> 00:00:21,300
So let me open this file as well.

9
00:00:21,300 --> 00:00:23,220
Let me come over here.

10
00:00:23,220 --> 00:00:27,120
I believe this is no different than our original one

11
00:00:27,120 --> 00:00:30,420
but it always takes a little bit of time

12
00:00:30,420 --> 00:00:32,910
to have a look at this.

13
00:00:32,910 --> 00:00:34,770
So let me see.

14
00:00:34,770 --> 00:00:36,990
Yep, it seems like it's the same thing.

15
00:00:36,990 --> 00:00:41,130
We can still see the Firestore and Firebase over here.

16
00:00:41,130 --> 00:00:42,540
So we are pretty certain

17
00:00:42,540 --> 00:00:45,360
that it uses Firebase at this point.

18
00:00:45,360 --> 00:00:47,760
So I'm gonna close this down.

19
00:00:47,760 --> 00:00:52,110
So over here, we don't have any important file for us,

20
00:00:52,110 --> 00:00:54,420
at least right now.

21
00:00:54,420 --> 00:00:57,660
So let me continue with the resources folder.

22
00:00:57,660 --> 00:00:59,160
So in the resources folder,

23
00:00:59,160 --> 00:01:02,100
remember our reverse engineering section,

24
00:01:02,100 --> 00:01:06,090
we generally see the files, like XML files

25
00:01:06,090 --> 00:01:09,750
and drawables, like images over here.

26
00:01:09,750 --> 00:01:13,017
And for the colors and drawables,

27
00:01:13,017 --> 00:01:17,400
most of the time we don't see anything interesting

28
00:01:17,400 --> 00:01:20,070
for our reverse engineering process

29
00:01:20,070 --> 00:01:23,340
but rather, we just want to stick with the other files.

30
00:01:23,340 --> 00:01:25,950
As you can see, we see the images,

31
00:01:25,950 --> 00:01:28,470
like PNG files, JPEG files.

32
00:01:28,470 --> 00:01:32,190
So we can have a look at the layout files

33
00:01:32,190 --> 00:01:35,970
to see the activities and other stuff over here.

34
00:01:35,970 --> 00:01:39,360
But seeing the activity components like we use

35
00:01:39,360 --> 00:01:41,610
will not do much for us.

36
00:01:41,610 --> 00:01:46,170
For example, we can get the feed activity over here

37
00:01:46,170 --> 00:01:50,760
but we won't get very much interesting things

38
00:01:50,760 --> 00:01:53,010
out of these layout files.

39
00:01:53,010 --> 00:01:56,790
What we wanna go for, maybe the menu, I don't know,

40
00:01:56,790 --> 00:02:00,270
it's not going to do much for us as well.

41
00:02:00,270 --> 00:02:03,900
What I generally look at over here is the values.

42
00:02:03,900 --> 00:02:08,010
So remember the values, we have these strings

43
00:02:08,010 --> 00:02:11,670
and the other drawables, like other XMLs over here,

44
00:02:11,670 --> 00:02:16,080
like drawables XML, public XMLs, styles XML.

45
00:02:16,080 --> 00:02:18,390
For example, we can see the different styles

46
00:02:18,390 --> 00:02:20,700
that are used in this app

47
00:02:20,700 --> 00:02:23,880
but we are generally interested in the strings.

48
00:02:23,880 --> 00:02:26,640
So remember strings, we can see some passwords,

49
00:02:26,640 --> 00:02:28,500
we can see some values

50
00:02:28,500 --> 00:02:32,460
that are crucial for our reverse engineering process.

51
00:02:32,460 --> 00:02:37,230
So I'm going to have a look at this strings.xml file.

52
00:02:37,230 --> 00:02:39,510
So I'm gonna zoom in a little bit.

53
00:02:39,510 --> 00:02:42,690
So if you look over here, you can see the titles,

54
00:02:42,690 --> 00:02:45,390
like play services stuff.

55
00:02:45,390 --> 00:02:48,540
And at the end of this file

56
00:02:48,540 --> 00:02:53,540
there is a Google API key and Google app ID.

57
00:02:53,610 --> 00:02:56,551
These are Firebase IDs.

58
00:02:56,551 --> 00:02:59,430
And over here, we see the project ID

59
00:02:59,430 --> 00:03:03,090
which is the thing that we are looking for.

60
00:03:03,090 --> 00:03:06,150
So, in fact, at this point,

61
00:03:06,150 --> 00:03:08,010
we are done with the reverse engineering

62
00:03:08,010 --> 00:03:11,070
because that's the value that we have been looking for,

63
00:03:11,070 --> 00:03:15,060
tweetapp-9603f.

64
00:03:15,060 --> 00:03:17,310
Of course, this will be different for you,

65
00:03:17,310 --> 00:03:19,680
so make sure you find your own.

66
00:03:19,680 --> 00:03:23,610
And this is the ID, this is the thing

67
00:03:23,610 --> 00:03:26,520
that you need to focus on

68
00:03:26,520 --> 00:03:29,579
in order to hack into the Firestore.

69
00:03:29,579 --> 00:03:33,870
And we are going to do that at the end of the section.

70
00:03:33,870 --> 00:03:37,620
We are going to hack into the app, hack into the server,

71
00:03:37,620 --> 00:03:39,360
at the end of the section.

72
00:03:39,360 --> 00:03:43,500
But just to give you an idea, just for you to comprehend

73
00:03:43,500 --> 00:03:46,770
why we are looking for this value,

74
00:03:46,770 --> 00:03:50,580
I'm just going to do a little bit of demonstration over here

75
00:03:50,580 --> 00:03:55,350
to get all the data, to get every value on the database

76
00:03:55,350 --> 00:03:57,453
with a single line of command.

77
00:03:58,830 --> 00:04:01,050
You don't have to do that right now.

78
00:04:01,050 --> 00:04:05,100
I'm going to explain the command that I'm using over here

79
00:04:05,100 --> 00:04:08,910
in great detail in the later lectures.

80
00:04:08,910 --> 00:04:13,110
But just for you to see, just for you to understand,

81
00:04:13,110 --> 00:04:15,270
I'm just going to do this.

82
00:04:15,270 --> 00:04:20,270
So I'm gonna copy this tweetapp-960 and stuff from here.

83
00:04:20,760 --> 00:04:23,430
And remember, this is different for you

84
00:04:23,430 --> 00:04:25,380
and it's perfectly normal.

85
00:04:25,380 --> 00:04:29,520
Every Firebase app gets a unique ID.

86
00:04:29,520 --> 00:04:31,830
So this is how Firebase servers

87
00:04:31,830 --> 00:04:34,680
actually understand the app.

88
00:04:34,680 --> 00:04:38,760
So let me clear this and find my command over here.

89
00:04:38,760 --> 00:04:40,890
So I'm looking for this command.

90
00:04:40,890 --> 00:04:44,280
I'm going to explain this command later on.

91
00:04:44,280 --> 00:04:48,270
I'm using something called curl over here

92
00:04:48,270 --> 00:04:50,100
and I'm going to use this ID,

93
00:04:50,100 --> 00:04:52,230
so I'm going to copy this one.

94
00:04:52,230 --> 00:04:54,390
So let me bring this down.

95
00:04:54,390 --> 00:04:56,190
And rather than this,

96
00:04:56,190 --> 00:05:01,050
I'm going to give in my own ID over here

97
00:05:01,050 --> 00:05:06,050
and just paste the ID that I have copied over here.

98
00:05:07,230 --> 00:05:09,780
Now, again, don't worry about this command,

99
00:05:09,780 --> 00:05:11,850
I'm going to explain why this works

100
00:05:11,850 --> 00:05:14,910
or why it works in some cases.

101
00:05:14,910 --> 00:05:18,630
And as you can see, we managed to get the data.

102
00:05:18,630 --> 00:05:21,540
Now, in fact, we hacked this application

103
00:05:21,540 --> 00:05:23,340
with a single line of command.

104
00:05:23,340 --> 00:05:28,290
So right now, I have all the data in the app's database.

105
00:05:28,290 --> 00:05:33,180
All I did was to reverse engineer it a little bit actually,

106
00:05:33,180 --> 00:05:37,860
just have a look at the values XML and the Android manifest,

107
00:05:37,860 --> 00:05:41,220
and we managed to get into the database.

108
00:05:41,220 --> 00:05:44,940
So later on, we are going to see how this works,

109
00:05:44,940 --> 00:05:49,290
why this works and we will see actually

110
00:05:49,290 --> 00:05:53,040
how to delete the data if we want.

111
00:05:53,040 --> 00:05:55,440
And we're gonna do that at the end of the section

112
00:05:55,440 --> 00:05:58,260
because we are going to see if this doesn't work,

113
00:05:58,260 --> 00:06:01,440
if you cannot get the project ID for some reason,

114
00:06:01,440 --> 00:06:03,780
from APK tool, then there are a couple

115
00:06:03,780 --> 00:06:07,170
of other alternative ways in order for you to use,

116
00:06:07,170 --> 00:06:09,270
like network listening.

117
00:06:09,270 --> 00:06:12,900
And you can use network sniffing or network listening

118
00:06:12,900 --> 00:06:16,200
for other kinds of purposes as well.

119
00:06:16,200 --> 00:06:19,350
So it's a good thing for you to learn.

120
00:06:19,350 --> 00:06:22,740
It's a good skill for you to comprehend

121
00:06:22,740 --> 00:06:25,560
if you want to be a mobile ethical hacker.

122
00:06:25,560 --> 00:06:27,060
So that's what we are going to do

123
00:06:27,060 --> 00:06:29,370
in the rest of these lectures.

124
00:06:29,370 --> 00:06:31,833
Let's meet in the new lecture.