Exploring Security Vulnerabilities in Flutter Mobile Applications
Hack In The Box Security Conference via YouTube
Master Production-Ready Machine Learning, Step by Step
AI, Data Science & Cloud Certificates from Google, IBM & Meta
Overview
Google, IBM & Meta Certificates – 40% Off
One plan covers every Professional Certificate on Coursera.
Unlock All Certificates
Watch a security conference presentation from Hack In The Box that exposes critical vulnerabilities in Flutter mobile applications through reverse engineering techniques. Learn about the B(l)utter tool's capabilities in extracting metadata and analyzing compiled code from Flutter apps, revealing concerning security practices. Discover the findings from a statistical analysis of 100 Flutter applications, including seven cases of hardcoded sensitive information and a particularly alarming case involving a private cryptographic key in an app with over 5 million users. Explore the methodology behind gathering Flutter applications, using the B(l)utter tool for decompilation, and analyzing the extracted data to uncover developmental information, exposed cryptographic keys, access tokens, and API keys. Gain valuable insights into the security implications of hardcoding credentials in Flutter applications and understand the urgent need for developers to address these vulnerabilities.
Syllabus
#HITB2024BKK #COMMSEC D2: Exploring Vulnerabilities in Flutter Mobile Apps
Taught by
Hack In The Box Security Conference