How I reverse engineered the Chotadhobi app

TL;DR: The app I used is PCAPdroid, which was the easiest method to view the backend APIs of the app.
Method 1
Set up a rooted AVD in Android Studio via rootAVD and install PCAPdroid on it. After that, install the Always trust user certificate module in Magisk Manager.
Open PCAPdroid and set it up for decrypting TLS traffic; you can refer to this.
Once you have done the required steps and saved the capture, you will get an sslkeylog file and a pcapng file.
In my case:
pcap file - download here
ssl.log file - download here
Then open the pcap file in Wireshark, go to Preferences, then Protocols, then TLS, and set the key log file to the downloaded file. You will then be able to see the decrypted TLS traffic in the file, and you can follow any stream to see what it did.
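If Wireshark still shows only encrypted records after this step, the key log itself is the first thing to check. The following Python sketch is an added example, not part of the original post or of PCAPdroid: it assumes the sslkeylog file follows the NSS key log format that Wireshark reads, and `check_keylog` and the sample lines are constructed here for illustration.

```python
import re
from collections import defaultdict

# Labels from the NSS key log format. The legacy "RSA" label is not handled here.
TLS12 = {"CLIENT_RANDOM"}
TLS13_NEEDED = {"CLIENT_HANDSHAKE_TRAFFIC_SECRET", "SERVER_HANDSHAKE_TRAFFIC_SECRET",
                "CLIENT_TRAFFIC_SECRET_0", "SERVER_TRAFFIC_SECRET_0"}
TLS13_OTHER = {"EXPORTER_SECRET", "CLIENT_EARLY_TRAFFIC_SECRET", "EARLY_EXPORTER_SECRET"}
LINE = re.compile(r"^([A-Z0-9_]+) ([0-9a-fA-F]+) ([0-9a-fA-F]+)$")

def check_keylog(text):
    """Return (sessions, problems); sessions maps client_random -> status string."""
    labels, problems = defaultdict(set), []
    for n, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):      # blank lines and comments are allowed
            continue
        m = LINE.match(line)
        if not m:
            problems.append((n, "not '<label> <client_random> <secret>' in hex"))
            continue
        label, rnd, secret = m.groups()
        if label not in TLS12 | TLS13_NEEDED | TLS13_OTHER:
            problems.append((n, "unsupported label " + label))
        elif len(rnd) != 64:
            problems.append((n, "client random is not 32 bytes"))
        elif label in TLS12 and len(secret) != 96:
            problems.append((n, "master secret is not 48 bytes"))
        elif label not in TLS12 and len(secret) not in (64, 96):
            problems.append((n, "TLS 1.3 secret is not 32 or 48 bytes"))
        else:
            labels[rnd.lower()].add(label)
    sessions = {}
    for rnd, seen in labels.items():
        missing = sorted(TLS13_NEEDED - seen)
        # Assumption of this example: a TLS 1.3 session wants all four traffic secrets.
        ok = "CLIENT_RANDOM" in seen or not missing
        sessions[rnd] = "complete" if ok else "missing " + ", ".join(missing)
    return sessions, problems

SAMPLE = "\n".join([  # constructed sample, not the ssl.log from the post
    "# constructed key log",
    "CLIENT_RANDOM " + "aa" * 32 + " " + "11" * 48,
    "CLIENT_HANDSHAKE_TRAFFIC_SECRET " + "bb" * 32 + " " + "22" * 32,
    "SERVER_HANDSHAKE_TRAFFIC_SECRET " + "bb" * 32 + " " + "33" * 32,
    "CLIENT_TRAFFIC_SECRET_0 " + "bb" * 32 + " " + "44" * 32,
    "CLIENT_RANDOM " + "cc" * 32 + " " + "55" * 20,   # truncated secret
])
```

Run `check_keylog(open(path).read())` on your own key log; any entry in `problems` or any session reported as missing a secret points to a capture that was saved before the handshake finished or a log that was cut off.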
Method 2
You can use Frida + SSL pinning + a rooted Android AVD.
I have tried this, but the first method was easier.
For more information, read the blog posts below:
https://www.trickster.dev/post/setting-up-rooted-android-emulator-with-frida-and-mitmproxy/
https://infosecwriteups.com/hail-frida-the-universal-ssl-pinning-bypass-for-android-e9e1d733d29
https://www.redfoxsec.com/blog/ssl-pinning-bypass-for-android-using-frida
Signing off,
Nityanand Thakur
