Hi There,
We used HP LR recorder (downloaded from google play store) to record the traffic from custom android Android 4.2.2 device.
When we look at the .lrcap file in VuGen, the information captured is binary coded...Something like this:
Action()
{
web_custom_request("upload",
"URL=http://<our app url>>",
"Method=POST",
"Resource=0",
"Referer=",
"Snapshot=t1.inf",
"Mode=HTML",
"EncType=",
"BodyBinary=\\x00\\x00\\x01\\x99\\x10\\x02,<@\\x01V\\x04testf\\x04test}\\x00\\x01\\x01y\\x08\\x00\\x01\\x06\\x06detail\\x18\\x00\\x01\\x06\\x15common.RequestPackage\\x1D\\x00\\x01\\x01O\n\\x00\\x01\\x16\\x100M300GSH8G0RRTKY&\\x083.3.6.566\[\\xAB\\x07|\\xA3\\xEA\\xEA\\x05\\xD4\\x86~\\xC7\\xD5h5\\xA3\\xE9rM "
LAST);
return 0;
}
We are in very critical situation and have very limited access to developers/app details to better understand the situation.
All we know is encrypted data is sent from the device and it's decrypted at server level.
Does anyone has any inputs, appreciate your thoughts....thanks.
Thanks & regards