Researchers Reverse Engineer and Hack Dropbox, 'Heavily Obfuscated Python App' - HotHardware
Researchers Reverse Engineer and Hack Dropbox, 'Heavily Obfuscated Python App'

Researchers Reverse Engineer and Hack Dropbox, 'Heavily Obfuscated Python App'

Another day, another thing-that-is-hacked. This time it was popular cloud storage service Dropbox, but fortunately, the hackers were security researchers. Two of them, actually, named Dhiru Kholia and Przemyslaw Wegrzyn, who found a way to reverse engineer Dropbox, which the SD Times calls a heavily obfuscated Python application.

The pair were then able to intercept SSL traffic from Dropbox’s servers and bypass its two-factor authentication. They worked up a research paper to describe their techniques. “We show how to unpack, decrypt and decompile Dropbox from scratch and in full detail,” they wrote. “This paper presents new and generic techniques to reverse-engineer frozen Python applications. Once you have the de-compiled source code, it is possible to study how Dropbox works in detail.”

Dropbox

To Dropbox’s credit, Kholia and Wegrzyn noted that Dropbox has acted quickly to plug holes and reinforce its security, making the service as safe as it can be. Still, it’s a constant battle between cybercriminals and security pros, and at best the good guys are typically only a step ahead (or behind, as it were) the bad guys.
0
+ -

(In my Maxwell Smart voice:) "The old 'Heavily Obfuscated Python App' trick!"

0
+ -

Please tell me somebody remembers 'Get Smart'!

Shoephones. The Cone of Silence. Agent 99 *sigh*.

0
+ -

We've veered sharply into non sequitur territory here, but seriously, "Get Smart" is one of my favorite shows of all time.

Login or Register to Comment
Post a Comment
Username:   Password: