We can decompile the APK and get the Java version of the code to understand the logic. Obviously, we first need to understand the application’s logic before proceeding with the Substrate extension. Our goal is to bypass this login by writing a Cydia Substrate extension. When the user enters invalid credentials, an error will be thrown as shown in the figure below. Following is our target app’s first activity. Like every other article of mine, we will have a vulnerable app here and then we will exploit it using this Cydia Substrate extension. Now, Let’s start writing the Substrate extension.
0 Comments
Leave a Reply. |