Honestly, it’s more complicated and annoying than most games I’ve targeted,” Bangorlol explained. They hide functions, prevent debuggers from attaching, and employ quite a few sneaky tricks to make things difficult. There’s a ton of obfuscation involved at all levels of the application, from your standard Android variable renaming grossness to them (bytedance) forking and customizing ollvm for their native stuff. “TikTok put a lot of effort into preventing people like me from figuring out how their app works. Reportedly, it took 200 days for the Chinese development team to create the original version of TikTok, but when Bangorlol got his cursor on its code, it had no chance. I’m kind of a ‘jack of all trades’ kind of guy in the sense that I’m comfortable in most areas of software engineering and mostly pretty okay with many security topics.” ![]() I like security in general and typically find at least a few major flaws whenever I change employers. ![]() ![]() I hunt bug bounties when I’ve got the time, or help my friends out with theirs (or their CTF challenges). “Lately, it mostly involves reversing my company’s partner APIs so we don’t have to wait for them to create something custom for us.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |