Practical Use of Burpy Plugin – Cracking the Encryption Algorithm of a WeChat Mini Program
Author: 0pening 1. Introduction Testing a certain WeChat mini program, without further ado, let’s start using BurpSuite to capture packets. However, upon capturing the packets, I noticed something was off 🤨. This application encrypts the parameters into bizContent and uses a signature parameter sign to prevent man-in-the-middle attacks on the data packets… not very honorable. … Read more