• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Jeanne Boyarsky
  • Ron McLeod
  • Paul Clapham
  • Liutauras Vilda
Sheriffs:
  • paul wheaton
  • Rob Spoor
  • Devaka Cooray
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
  • Frits Walraven
  • Tim Moores
Bartenders:
  • Mikalai Zaikin

AES Decryption using Android Studio

 
Greenhorn
Posts: 11
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
I'm working on a testing known vulnerable android app that uses insecure storing methods. I need to develop an app to exploit it, but my java skills are a little weak, so I'm wondering if I could get some guidance on the best way to do this.

So far my code can pull the encrypted password from the sqlite db. now I need to take that password and decrypt it and display it on the screen. This is where I need some help.

Based on an online AES Decryption tool, I was able to determine the following:

-Mode: ECB

-Key Size: 256

-Secret Key: we'll just say it's 123abc for example (Secret key was hardcoded in the app)

I confirmed by running it through the online tool that the cleartext password it spit out works in the vulnerable app.

How can I take the encrypted string I have(called "password"), and decrypt it using android studio so it gives me the same cleartext passwords as the online tool does? The less code the better, as I want to try to understand what I'm doing so I learn.

For reference, this looks like it may be something very similar to what I'm working on: https://coderanch.com/t/692714/display-file-Application
 
Saloon Keeper
Posts: 7591
177
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
So you have an encrypted text, and the encryption key, and are looking for the Java code to implement the decryption? Have you searched for something like 'Java aes decryption"? There must be tons of example codes out there, as this has nothing to do with Android.
 
reply
    Bookmark Topic Watch Topic
  • New Topic