Comment by matthewdgreen

Comment by matthewdgreen 17 hours ago

10 replies

View on Hacker News

I really doubt this. Any such upload would be visible inside the WhatsApp application, which would make it the world's most exciting (and relatively straightforward) RE project. You can even start with a Java app, so it's extra easy.

cosmicgadget 17 hours ago

If you claim REing a flagship FAANG application is "extra easy", either they need to be laughed out of the room or you do.

Reply View 9 replies
  • gruez 14 hours ago

    Does FAANG apps have antidebug or code obfuscation? At least for google their apps are pretty lightly protected. The maximum extent of obfuscation is the standard compilation/optimization process that most apps go through (eg. r8 or proguard).

    Reply View 0 replies
  • quesera 16 hours ago

    Reverse engineering is easy when the source code is available. :)

    The difference between source code in a high-level language, and AArch64 machine language, is surmountable. The effort is made easier if you can focus on calls to the crypto and networking libraries.

    Reply View 6 replies
    • cosmicgadget 16 hours ago

      The source is available?

      Understanding program flow is very different from understanding the composition of data passing though the program.

      Reply View 5 replies
      • quesera 15 hours ago

        At some level, the machine code is the source code -- but decompiling AArch64 mobile apps into something like Java is common practice.

        As GP alludes, you would be looking for a secondary pathway for message transmission. This would be difficult to hide in AArch64 code (from a skilled practitioner), and extra difficult in decompiled Java.

        It would be "easy" enough, and an enormous prize, for anyone in the field.

        Reply View 4 replies