Jump to content

Title: Crazy hint! A penetration of a porn app

UKhackteam
UKhackteam
in Hacker Cracking / Penetration Testing / Cybersecurity

Featured Replies

Posted

0x01 Introduction

Find the interface of a porn app

1049983-20220106104242134-1415031552.png

I looked at the function point and there was a registration place, but I actually needed an invitation code when registering!

0x02 Penetration process

So put the app on the virtual machine and get its real domain name by catching the packet.

1049983-20220106104242691-969258238.png

Then use the bp crawler to crawl to an API interface

1049983-20220106104243173-1846676373.png

Prompt parameter missing fuzz one wave parameter

1049983-20220106104243568-136728470.png

http://www.

  • Quote

    • Join the conversation

    You can post now and register later. If you have an account, sign in now to post with your account.
    Note: Your post will require moderator approval before it will be visible.

    Guest
    Reply to this topic...
    Go to topic listing

    Important Information

    HackTeam Cookie PolicyWe have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.