Three Ways to Hack Mobile Apps
Вставка
- Опубліковано 9 жов 2024
- jh.live/guards... || Protect and defend your own mobile applications with Guardsquare! jh.live/guards...
Learn Cybersecurity - Name Your Price Training with John Hammond: nameyourpricet...
Learn Coding: jh.live/codecr...
Don't listen to other "influencer" VPN crap -- host YOUR OWN: jh.live/openvpn
WATCH MORE:
Dark Web & Cybercrime Investigations: • Tracking Cybercrime on...
Malware & Hacker Tradecraft: • Malware Analysis & Thr...
📧JOIN MY NEWSLETTER ➡ jh.live/email
🙏SUPPORT THE CHANNEL ➡ jh.live/patreon
🤝 SPONSOR THE CHANNEL ➡ jh.live/sponsor
🌎FOLLOW ME EVERYWHERE ➡ jh.live/twitter ↔ jh.live/linkedin ↔ jh.live/discord ↔ jh.live/instagram ↔ jh.live/tiktok
💥 SEND ME MALWARE ➡ jh.live/malware
🔥UA-cam ALGORITHM ➡ Like, Comment, & Subscribe!
Conclusion: Do not store sensitive info on the client, doesn't matter if it is a mobile, web or desktop application
And proper use of API keys
Password managers and OTP apps are crying (from laughter) because of your comment
for a while John H. focused on very niche scenarios on cyber security, I'm glad he is talking about what most devs do assuming that is so common , that all the loop holes are fixed and unexploitable due to it being so mainstream. I'm all ears !
Never realized that all my java app dev would come to use one of these days lmao
these days they use kotlin and frameworks like react and flutter
@@x.plorer For sure. Why write in two languages (java and swift) the same application when you can just write in one (react native) and have it go to both?
Yaaaas. I've done a bit of this stuff, but didn't really get into it (got sidetracked, priorities changed).
This ought to be enlightening.
I've been on hiatus a bit from my studies, but this gets me wanting to start up again.
I have plans for setting up a new hacking environment soon.
The plan is to run a hypervisor with a environment templates.
Thinking for things like this, building containers with all of the tooling so I can just import a container to my RE template when I want to perform "apk-cracking", "hash-cracking", "web-app-cracking" etc.
Then use git for importing and exporting my nodes and libraries.
Pretty cool
This dude just keeps dropping absolute 🔥❤
BRO i needed this just one day ago, there is no video that explains like this ,and I had a competition to attend to.
Obfuscation tools make it easier for the bad guys too, unfortunately. It can also make developers lazy with regards to security, mistakenly thinking that something can't be cracked. It always will be crackable if you are determined enough.
Bro always loves your videos, can you make a video on hacking apis mainly finding the endpoints are the headaches bro
Hey John, just to let you know that you're doing great work here! 🔥🔥🔥
cringe
Finally Jhon..!!! episode I've been waiting for..
That's some magnificent teaching skills. Thank you
Thumbnail on point
Of course this is just an example app, but i would have accepted input, and sent it to a server so it can provide a response for the message box. the app can then stay unprotected since the only thing they can do is brute force the password on the server and of course you can allow only a few attempts per IP if you wanted to secure it even more.
I just love how the phone has two punch hole front cameras
Sir, can you please create a bootcamp course for beginners? Please suggest how I can get into cybersecurity.
we need more from this videos (mobile and apps)
Awesome topic. Awesome showcases. Awesome options. Three like 👍👍👍
Always mind-blowing 🎉
Complete this lesson signature Spoofing ❤for us regarding the confusion on the antivirus application ❤❤
we want part 2
keep it up. i love this content
great video, i've enjoyed the first 15 seconds
00:00:00 00:00:01 00:43:39 00:43:40
Great video appsec 🎉
Can you share the setup for the Pixel enviroment?
Bro help me understand. Can i give you one small file? I already hve password, but our goal would be to bypass psswprd and extract adb commands from the file.. you are authorized to do it dont worry
Does this work with Flutter Application?
Yes! Both the iOS and Android protection solutions support Flutter.
@Guardsquare yo thanks for commenting, I stumbled on your channel you got great videos.
why are you using var???
thank you!! good information
12:00 there is no way you just pronounced `init` as `aynit`, john that's cursed 😳😳😳😂
eyenit
Hello
sup
the sky
@@meiilolroof for me
COOL.😃
Next please analyze spyloan app that haunting indonesian people
yay
Guard square 😮
6:06 The most obvious and worst way to detect root and debugger
Wdym by clever way?
Only the developers who don't care about people exploiting their software would do this method.
What would be a better way? Asking as a total noob in the field.
That being said, although this way is obvious, it'll certainly keep the skiddies out, so can you explain what the issue is here?
@@Smoth48 this can be easily bypassed
What I would do is
Use both native and java/kotlin detection for root and debugging and integrity check
With obfuscation ofc
@@Smoth48I'm not sure what method would be better, but this is basically useless as most rooting tools have a "rename this app to avoid detection" toggle.
BS untile now no one made a real android app haking
this is just veryyyyyy basic shit
no anti frida detection
no anti signature verification
dex encreption ...........MORE.........MORE...............MORE...............
and when you crack thos tecknique they come with more advance one / modified aproch
a real app is not that eazy .
im tired from thos usless content
You're wrong.
I did not watch yet, but there is a course at INE about this
These are all the same shit and they all are useless
And who would put their api key in client side I mean just lol
I'm getting into advanced static debugging and modifying protected .lib and I can tell you this content is pretty useless as you said
@@Mr_Bunnehwhy tho?
I'm distributing paid games and apps on my website
These contents are utterly useless
They won't get you anywhere past the very beginning of the reverse engineering
What do you expect from a glorified script kiddie on UA-cam? You want to learn the nitty gritty? Learn, meet real hackers, not someone who is selling "security" services. Good luck
Can you hack an online application? Add coins? Applications like (waha: for chatting ) ????
Unrelated but can somebody help me get my microsoft account back? The hacker changed my password and deleted all the account information. And he also added his own phone number and authentication app
That’s the hacker account now
The best you could do would probably be to email Microsoft and tell them your predicament. Best of luck, and I’m sorry this happened. If you can get the account back, make sure to set up 2 factor authentication!
yes, like alex said, go and tell microsoft that you’re pregnant
Lol@@iamvinny