Understand what an app does from a high-level point of view
Understand the tech details on how an app does something
Find security vulnerabilities ~> exploit them to gain some advantage
Steal private information, read private file, steal its permissions, etc.
Country | App | Tech | Permissions |
---|---|---|---|
Vietnam | Bluezone | React Native |
ACCESS_NETWORK_STATE, BLUETOOTH, INTERNET, FOREGROUND_SERVICE WIFI_STATE, WAKE_LOCK |
Germany | Corona-Warn | Android |
ACCESS_NETWORK_STATE ,BLUETOOTH, INTERNET,
IGNORE_BATTERY_OPTIMIZATION S, WAKE_LOCK ,CAMERA, FOREGROUND_SERVICE, RECEIVE_BOOT_COMPLETED |
Fiji | CareFiji | Android | @include Vietnam & Germany ,WRITE_EXTERNAL_STORAGE |
India | Aarogya Setu | Android | @include Vietnam & Germany ,Camera Hardware,WiFi |
Ireland | COVID Tracker | React Native | BLUETOOTH ACCESS_NETWORK & WIFI STATE |
Australia | COVIDSafe | Android | @include common & ACCESS_COARSE_LOCATION |
Austria | Stopp Corona | Android | @include Vietnam |
Hungary | Virus Radar | Android | @include Vietnam |
Take ID of app from playstore
https://play.google.com/store/apps/details?id=com.mic.bluezone
Download app using ApkPure
test.apk
Unzip app using ApkTool
apktool d test.apk
Convert classes.dex to Jar using dex2jar
d2j-dex2jar.sh classes.dex
Run java-decompiler to see whats inside
java -jar jd-gui-1.6.6.jar
For Permissions we need to study AndroidManifest.xml
e.g uses-permission android:name="android.permission.BLUETOOTH"
Aarogya Setu - Java(India)
Sourceprivate var locationCallback: LocationCallback = object : LocationCallback() { override fun onLocationResult(locationResult: LocationResult?) { locationResult?.let { if (it.lastLocation != null) { val usersLocationData = BluetoothData( Constants.EMPTY, 0, Constants.EMPTY, Constants.EMPTY ) usersLocationData.latitude = it.lastLocation.latitude usersLocationData.longitude = it.lastLocation.longitude CoronaApplication.getInstance().setBestLocation(it.lastLocation) Logger.d( "Retreive location service", usersLocationData.latitude.toString() + " - " + usersLocationData.longitude.toString() ) DBManager.insertNearbyDetectedDeviceInfo(listOf(usersLocationData)) } } } }
Bluezone - React Native(Vietnam)
SourceonPress() { const {numberPhone} = this.state; const {intl} = this.props; const {formatMessage} = intl; const vnf_regex = /((09|03|07|08|05)+([0-9]{8})\b)/g; if (vnf_regex.test(numberPhone) === false) { Alert.alert(formatMessage(message.phoneEnterNotValid)); } else { this.setState({showLoading: true, showErrorModal: false}, () => { CreateAndSendOTPCode( numberPhone, this.createAndSendOTPCodeSuccess, this.createAndSendOTPCodeFail, ); }); } } createAndSendOTPCodeSuccess(response) { const {numberPhone} = this.state; const {setLoading} = this.props; const router = setLoading ? 'VerifyOTPAuth' : 'VerifyOTP'; this.setState({showLoading: false}, () => { setTimeout(() => { this.props.navigation.replace(router, { phoneNumber: numberPhone, }); }, 200); }); }
Here they are using this custom Package!COVID-Tracker - React Native(Ireland)
Sourceconst getCloseContacts = async () => { try { if (permissions.exposure.status === PermissionStatus.Allowed) { await configure(); const contacts = await ExposureNotification.getCloseContacts(); setState((s) => ({...s, contacts})); return contacts; } return []; } catch (err) { console.log('getCloseContacts err', err); return null; } };