Issue
I have captured request content of a mobile app (iphone) through a proxy (Charles Proxy), but the content seems to be encoded which I want to decode into human-readable format. As the source of the encoding format is not known, I cannot decode it, I have tried several online tools with different source formats but none of it decode it properly. How to decode such content properly?
pv8WkNKPolGj6EgiYKNXzlGAOjGku5ewenklAlyQ58wpWcLBH7y4S0ZZ12JODvWSLpvoJbeffKgDxvaTMTt17qLUNKsiTroaldStWO5n+H1BdI+IXLFusgipOtpUUvnvbA52x0Gwi349bfXNCD9EamQBEPD8J+zreVtYwvgL9b7ohgvnoq2WXpOeHs9hTJnWEwAiLzPTocVDzr3kzLsMsB6N10X+pnJ/QODY3RDklqQeb5o6vzvTapgs5G/R2ZjsvzBTJ/u+DuLxulVfNUAKXGjh4CVAWjWzsymuxo1CaI7s3nPW17Kx9BNYxw37r4TKAqTMA+A0uP+NPi17KsC9ag==
UPDATE:
Solution
The request/response content is encrypted by java cryptography before sending it in the network using the AES cipher algorithm and cipher transformation is done with AES/CBC/PKCS5Padding. I am able to decrypt it by debugging APK code and finding the secret key used to encrypt the content. It's really another level of encryption before sending it in the network.
Answered By - user1614862 Answer Checked By - Clifford M. (PHPFixing Volunteer)
0 Comments:
Post a Comment
Note: Only a member of this blog may post a comment.