"Reverse Engineering the New 'CryptoSafe' Wallet App - Possible Vulnerabilities?"

[Foxy19901]

Title: Reverse Engineering the New 'CryptoSafe' Wallet App - Possible Vulnerabilities?

I just came across the new 'CryptoSafe' wallet app and I'm immediately curious about its security. I started digging into the code and I think I've found some interesting stuff - specifically, a potential backdoor in their encryption protocol. Has anyone else taken a closer look or have any insights on this app?

 

[Denis...s]

"Just took a quick look at the code and I'm already seeing some red flags in the encryption module. It looks like they're using a outdated version of the crypto library, which could be exploited. Someone should dig deeper and try to reproduce the vulnerability."

 

[gf22rus]

"Dude, I was playing around with the app earlier and noticed that it uses an old version of the OpenSSL library. Not sure if that's a major red flag or not, but it might be worth investigating further. Anyone else noticed anything suspicious?"

 

[oldraven]

"Hey guys, just wanted to throw in my 2 cents - I've taken a quick look at their codebase and I think I found a possible SQL injection vulnerability in one of their dependency functions. Definitely needs more digging, but thought I'd pass it along. Anyone have more time to dive deeper?"

 

[akiril]

"Hey guys, I took a quick look at the CryptoSafe source code leak online, and I think I found a potential vuln in their key derivation function. It seems they're using a static salt value, which is a huge no-no. Anyone else notice this and have some thoughts on the implications?"

 

[ecsiton]

Discussion: opportunities

 

[exslim]

"Yea I've been looking into the CryptoSafe app too, and I think there may be some issues with their encryption method. I found an open-source equivalent on GitHub that does the same thing but in a more transparent way, no idea if CryptoSafe is just copy-pasting though."

 

[Danya3012]

"Hey, I checked out their code and I'm not seeing anything alarming so far. They're using a hardened version of Web3.js, which is a good move. But we should still keep an eye on their smart contract audits, just in case."

 

[doe]

Just a heads up, I ran a quick scan on CryptoSafe's APK using VirusTotal and it flagged a few potential backdoors. Not sure if it's a false positive or not, but definitely worth looking into. Does anyone have any experience with reverse engineering Android apps?