Help a stranger? #17

@ghost

@evilsocket

Hey,

Have you ever heard of a Messenger App known as Kik on Android?

Well, there is a small community surrounding it that does "Modifications" to its regular version. It's very popular nowadays for users to have a Modified Kik App. The "developers" of these modded kiks add all kinds of features that aren't normally in the regular version, followed by mass distributing it via their websites.

The features include everything from changing the theme to having automated messages. If you'd like more detail, I'll give you a rundown of what the coolest mods to have on kik are. It really is a thing, no joke. You probably haven't even heard of this App before lol.

There is one app in particular that has been obfuscated similar to what your article post showed. It has long class names with weird symbols and string encryption. Obviously, this was done to prevent "skids" from taking their work and claiming it to be theirs. It is only done to a handful of smali files: files that they have either added or tampered with. Even so, most of the smali files weren't touched, just obfuscated differently. The ones with the added features are scattered among the smali files in the com and the folder titled matrik.

Fyi, I do not know how to code and technically am a "skid", but I would like to be able to go in, look at the coding, see what they did, change and add things for myself; basically customizing it the way I like it and using it on my personal behalf, for fun of course.

There are multiple modified kiks out there that I can decompile and look at the coding others wrote with no problem. However, this one has always intrigued me. It's the only kik that is obfuscated now. There used to be another modded kik that was obfuscated called "Pikek" but the un-obfuscated one was "leaked" and it was later continued without obfuscation inside.

It is an older version of kik: Version 8.10, that originally had default proguard with names and such as letters.

Here is the regular version kik 8.10. Note: This is an old version of kik that the modded kik is based on, not the current one in the google store.

https://drive.google.com/open?id=0BwhSOSdIKPj8WWhKU1lORk40N1k

-> from my google drive and may have to copy and paste link into browser

I have done some research and tried several methods such as dex-oracle and simplify. As you can see, I have failed. There is a decryption plugin that I could not figure out how to use or even understand what to change. I have also had some trouble figuring out what the encryption pattern is.

Here is the Modified Kik App, also known as "Matrik": I obviously used the Apktool to decompile it.

https://drive.google.com/open?id=0BwhSOSdIKPj8WWhKU1lORk40N1k

-> from my google drive and may have to copy and paste link into browser

(If you'd like the decompiled apk, I'll give you a zip folder of all the files. Of course it would be much faster if you decompiled it yourself)

This is what the class names look like:
[Image: capture]

This is what the encrypted strings look like: As you can see from looking at the function name, the main dude who writes most of the javascript/smali calls himself moon. Don't get me wrong though, he seems to be a very talented java script programmer. Some of what is on matrik is pretty impressive, to me anywho.

[Image: capture1]

As a stranger, I am not pressuring you into helping me out, but I'd appreciate it if you'd so kindly take some time out of your day to try to help me break this. Although this isn't anything important, most likely a waste of time, I'm putting this out there in case you're bored. I can see that you're very experienced and love breaking into things.

By all means, anyone who comes across this post may take a crack at it.

Thanks,

Paul
