TransWikia.com

Call of a suspicious method cannot be found

Reverse Engineering Asked by fellower4 on February 20, 2021

i have a strange apk which I took a closer look at, among others with jadx-gui. It is a gaming app that requires an unusual amount of permissions according to the manifest file. I installed and played the game on a testphone. The requested permissions are not allowed for the game at all. Found a class in the code with the following suspicious method:

public void doInBackground()
{
  ...
  String deviceId = ((TelephonyManager) this.a.getSystemService("phone")).getDeviceId();
  ...
  a.add(new BasicNameValuePair(new String("imei"), deviceId)); 
  ...
  try {
        httpPost.setEntity(new UrlEncodedFormEntity(a));
      } catch (UnsupportedEncodingException e) {
  ...

This method collects sensitive data and sends it via http.
I don’t see that this class is called with this method. Searched for the name of the method, but found nothing. Is there a way to call this method without seeing it in the jadx-gui?
Otherwise I ask myself why this method was implemented if it is never used.

One Answer

In Android there is a class named AsyncTask, designed for running processes in the background without blocking the UI.

The developer extends AsyncTask and implements doInBackground() member function which is called by the system. After instancing the derived class and calling the instance's .execute() method, Android will, asynchronously call doInBackground().

The program does not call functions of AsyncTask directly.

Link to documentation: https://developer.android.com/reference/android/os/AsyncTask

Answered by Yotamz on February 20, 2021

Add your own answers!

Ask a Question

Get help from others!

© 2024 TransWikia.com. All rights reserved. Sites we Love: PCI Database, UKBizDB, Menu Kuliner, Sharing RPP