Decrypting a wordlist decoded from an Android APK

I have a wordlist that is embedded into an android app

The wordlist is encrypted and stored in several byte arrays in the code below. The arrays must be joined together in the same order.

The order is:

  • AES/CBC/PKCS5Padding

  • IV 16 zero bytes

  • Key: Base64 decoded AES key

AES in CBC mode processes the data block in a sequence and because the IV is fixed and the key is constant the same encrypted input will always decrypt the same output.

The AES key is received from a Firebase Remote Config and then cached onto my phone. The key is not hardcoded anywhere. When the decryption is successful the output should be in a JSON containing entries with a day, word and color.

Can I get help to try and replicate the decryption key or for me to make a decryptor that can help me find the wordlist

Here is the code Hello,

I have a wordlist that is embedded into an android app

The wordlist is encrypted and stored in several byte arrays in the code below. The arrays must be joined together in the same order.

The order is:

  • AES/CBC/PKCS5Padding

  • IV 16 zero bytes

  • Key: Base64 decoded AES key

AES in CBC mode processes the data block in a sequence and because the IV is fixed and the key is constant the same encrypted input will always decrypt the same output.

The AES key is received from a Firebase Remote Config and then cached onto my phone. The key is not hardcoded anywhere. When the decryption is successful the output should be in a JSON containing entries with a day, word and color.

Can I get help to try and replicate the decryption key or for me to make a decryptor that can help me find the wordlist.

-6
Jun 26 at 10:05 AM
User AvatarNameless72
#android#encryption#reverse-engineering
No answer found for this question yet.