Reverse Engineering Smartphone Exclusive Application to PC: Tinder



Reverse Engineering Smartphone Exclusive Application to PC: Tinder

Honours Project for Carleton University

Samuel Prashker – 100755635

Supervised by: Dr. Dwight Deugo, School of Computer Science, Carleton University, Ottawa, Canada

Abstract

Many applications offered on smartphones target that platform because of its convenience, ease of use, and portability. However, many of these applications have no functionality that depends on the mobile platform itself. Tinder, for example, a mobile dating app, was designed and developed for the sole purpose of running on Android and iPhone, restricting access to those ecosystems alone. From a security standpoint, and as a proof of concept in support of the argument against mobile-exclusive applications, the Android version of Tinder will be reverse engineered to work on a traditional desktop through a Universal Windows Platform application, dubbed: Tindows.

Acknowledgments

I would like to thank my friends who kindly contributed their mobile phones during the initial stages of the project. Without them I would not have had the opportunity to start the long and arduous process of network sniffing and reverse engineering. I would like to thank Curtis Schouten for providing his Windows 10 tablet for testing the Universal application codebase on a real portable device. I would also like to specifically thank by name Patrick Cuerrier and Issa-Albert Kane, real users who were willing to donate their profiles during the building of the application. Without their real-world data, many bugs would not have been identified.

Table of Contents

1. Introduction
2. Background
2.1. Representational State Transfer
Secure Sockets Layer (SSL)
Setting up Android to Proxy Traffic through a Remote Computer
Circumventing Encrypted SSL Traffic with a Man-in-the-Middle Approach
Recording the Login Process for Tinder
Recording the API Calls of Standard Tinder Activity
Tinder’s Update Loop
First Step of Porting – Creating a Tinder Client Library in C#
Universal Windows Platform and Acquiring the Facebook OAuth Token
XAML and Data Binding
Tindows – The “SuperficialPage”
Tindows – The “ConversationPage”
Tindows – Notification
4. Results and Validation
4.1. Validating the TinderAPI
Validating the User Application and Application Experience
5. Summary
5.1. Future Work
6. References
7. Appendix

1. Introduction

With the rise in smartphone usage and the popularity of application ecosystems confined to mobile platforms (Google Play Store, Apple App Store, Microsoft Store), applications with practical or convenient uses on traditional platforms such as desktops are left in the dust to be forgotten. Applications are being created exclusively for mobile use. No desktop site is provided, only a webpage advertising the smartphone application. This strategy of exclusivity can limit consumers’ options when choosing which applications to use, which devices to own and which ecosystems to tie themselves to. Fitness tracking and calorie counting applications are a good example of a problem that is solved platform-independently. For example, MyFitnessPal provides every possible way to work with its platform: Android, iPhone, Windows Phone, and a fully featured website offering similar functionality to the mobile applications. Most applications that started before the advent of smartphones have properly ported their solutions to mobile platforms (e.g. PayPal, eBay, Amazon, Gmail, etc.). The problem lies with applications and companies that spawn purely with a focus on the mobile market. One such problem is Tinder: a dating application for Android and iPhone only. Despite online dating being a traditionally platform-agnostic problem, Tinder unfortunately confines its users to two platforms. What if the user switches to a Windows Phone? What if a user does not have a mobile phone and wishes to access it on their Mac or Windows machine? There is no functionality offered by Tinder that necessarily requires a mobile platform. Therefore, I will be attempting to solve this by identifying the client-server architecture of Tinder and porting it to a desktop client that communicates with Tinder’s servers.

The motivation behind building a desktop application can be divided into several driving forces. First, as the culmination of my 4 years within a Computer and Internet Security focused stream, a project that showcases those honed skills is a worthy cause to pursue. In determining how Tinder communicates with its servers, from a security standpoint, there will likely be many obstacles to overcome, security measures to thwart and data to spoof. Most likely the client created will need to “act” like a mobile device. The sophistication of the security in place will determine the difficulty of accomplishing this. Second, as someone who does not consider the desktop platform to be a dying market, I am personally driven to ensure its survival. Although this project is only an academic proof of concept that it can be done, the message to take away is that it is possible to do, and that it should be done. Applications created for the mobile platform should have equally accessible desktop counterparts (provided the application does not rely on non-traditional desktop hardware such as a camera, GPS, or flashlight). Third, it is a project that requires working with technologies that were glanced over during my studies. In determining the traffic being sent over the wire, there are several tools such as Wireshark that will need to be learned and applied to this project. Also, if there is functionality that the application performs on the device, it is possible that a decompilation of the application will be required (in the case of Android this would mean disassembling the application to “smali” format, something I have never done but am driven to learn).

The initial goal is to determine all forms of communication Tinder performs to carry out its application functions, such as (but not limited to) how Tinder talks and authenticates to Facebook, how it talks and authenticates with its own servers, and how it obfuscates, encrypts or otherwise secures its communication channels. The actions performed within the

