#84

From an Android Hook to RCE: $5000 Bounty

One of the first things that you learn when learning security is that everything that’s on the client-side is untrusted. Even if it’s encrypted. This blog post shows it really well how a client-side encryption in the mobile app was used to obfuscate a functionality...