Platform for Experts 
Mobile & Backend Security Testing 
Our Company 
Blog
Contact us
eShard
/
escoaching
/
White Box Intermediate
Intermediate

Breaking a White-Box implementation embedded in an Android Application (Intermediate Level)

This practical course targets an Android Application containing a native white-box library. You will learn how to defeat classic obfuscation mechanisms to extract the white-box library, an then how to execute and attack it to recover the secret key.

Covered Topics

What you will learn:

  • APK decompilation
  • Java code analysis
  • Identify the White-Box implementation
  • Create a launcher to execute the White-Box<
  • Recover the White-Box key
  • Understand how to compute the application cryptogram

Exercises

Attack a White-Box implementation embedded in an Android payment application. You will have to recover the PIN code and the White-Box key to understand how to generate a correct payment cryptogram.

Requirements

  • Native code analysis
  • Basic ARM Assembly language
  • Basic knowledge in side-channel analyses
  • Execute/Trace a binary (module WBC.1)
Contact us

Practical informations

Overall duration: 1-day if in-person / flexible duration if online.

Schedule: 9am-1pm - 2pm-6 pm (in-person)

Number of trainees: 1 max.

Our Coaches

Guillaume
Vinet
CopyRights eShard 2022.
All rights reserved
Privacy policy | Legal Notice
PLATFORM FOR EXPERTS
Side Channel AnalysisLaser & EM Fault InjectionFirmware Security AnalysisSecurity Failure AnalysisVulnerability Research
PROFESSIONAL SERVICES