Bypassing AES encryption if the keys are not in local,but in server
When I conduct a mobile pentest, I have run into payload encryption in HTTP traffic. In general, the AES key and IV ( initialization vector) are located in APK, and can be used to encrypt the payload using Burp suite extensions such as AES… Continue reading Bypassing AES encryption if the keys are not in local,but in server