-
Investigating a proprietary Android 2FA system
This article concerns an Android app used as part of a proprietary two-factor authentication (2FA) system. Investigation of the app and 2FA protocol reveals some interesting design decisions.
Overview
The 2FA system is similar to well-known offerings such as Duo Security and Okta Verify.… »
-
Investigating a historical Android anti-root protection system
This article concerns a specialised Android app used as part of a proprietary authentication protocol, developed in the late 2010s. Given the intended use case, the app features a number of aggressive security measures – the app uses FLAG_SECURE and does not run when developer… »
-
Investigating a proprietary early-2000s abandonware ebook format
This article concerns a Windows software product which featured the ability to compile HTML websites and multimedia content into a standalone EXE file. The last release of this product was in 2003, and the product website ceased to operate in 2012. Content was stored… »
-
Reverse engineering software licensing from early-2000s abandonware – Part 3
In part 2, we reverse engineered the decrypted format of the licence file data for this particular software. In this part, we investigate how exactly that licence file is encrypted.
Into the fray
In part 2, we identified that the decrypted licence file… »
-
Reverse engineering software licensing from early-2000s abandonware – Part 2
In part 1, we reverse engineered the registration code licensing mechanism of this particular software. However, that mechanism was not the mechanism actually in use in 2004; rather, a different mechanism was used based on licence files named license.bin. In this part, we… »
-
Reverse engineering software licensing from early-2000s abandonware – Part 1
Background
This series concerns a software licensing system used in a proprietary software application from circa 2004. The software was available in an unregistered trial mode with limited functionality. A free licence could be obtained by registering online with the software vendor. The software became… »
-
Investigating and disabling hard-coded certificate pinning in an Android application
mitmproxy is an open source interactive HTTPS proxy, which makes it easy to intercept HTTPS for reverse engineering, including for Android clients. It does this by installing its own CA certificate on the client device.
Recently, I was attempting to reverse engineer the HTTPS… »
-
Illegal numbers
Legal counsel for various companies, including AACS LA (Advanced Access Content System Licensing Administrator) LLC, DVD Copy Control Association Incorporated, Intel Corporation, Motion Picture Association of America Incorporated, Sony Computer Entertainment America Incorporated and Texas Instruments Incorporated, have determined that the possession or distribution of… »
-
Investigating Google Cast: Disabling device authentication on Android with Xposed
Background
Google Cast is a proprietary protocol by Google which enables controlling playback of Internet-streamed audiovisual content on the Chromecast, Android TV and other compatible devices.
From the consumer perspective, Google Cast connects two devices: a sender (such as a smartphone) and a receiver (such… »
-
Investigating a MIDI music DRM system (c. 1998)
Background
This post concerns a DRM system used in a proprietary JavaScript-based music player. The music is sequenced locally in the client based on instrument and note data, à la MIDI. The music player does not have any export capabilities, but like the previous instalment… »
-
Investigating a legacy document delivery DRM system – Part 2
Last time, we investigated the HTML5 viewer for a document delivery DRM system, rehosting the viewer to give us unlimited access to documents – but only through the standard print procedure, which inserts watermarks and copyright information. This time, we'll investigate how we can… »
-
Investigating a legacy document delivery DRM system – Part 1
Background
This post concerns a DRM system used in an online document delivery platform (think PDFs, but proprietary), established circa 2000 and still in popular operation. Documents purchased through the platform are delivered in a proprietary encrypted file format, which can be opened using a… »