decompiled spyware

Find a file

August b11ad5dd8a Update README.md		2020-07-23 07:22:47 -04:00
config.ar
config.arm64_v8a
config.de
config.en
config.es
config.fr
config.hi
config.id
config.in
config.it
config.ja
config.ko
config.my
config.pt
config.ru
config.th
config.tr
config.vi
config.xxxhdpi
config.zh
df_fusing
df_miniapp
df_miniapp.config.arm64_v8a
df_miniapp.config.en
df_miniapp.config.xxxhdpi
df_photomovie
df_rn_kit
df_rn_kit.config.arm64_v8a
icon.png
manifest.json
README.md	Update README.md	2020-07-23 07:22:47 -04:00

README.md

TikTok source code

Full source code to the android tiktok app.

background

This project is a bit different from my other projects. TikTok is a data collection engine disguised as a social media platform. It's legitimate spyware, so I thought I would reverse engineer the Android application

Included are the compiled classes.jar and classes.dex. You can find all of the source in the classes/ folder in each part of the app.

The main functionality of the app is in df_miniapp. The rest is just included for the sake of completeness. Most of it is useless.

China, I'll see you when you send the hitmen to my house.

Here is the full reverse engineered source code. Enjoy

[NOTE] this is where I got the APK. https://apkpure.com/tiktok/com.ss.android.ugc.trill

interesting code

location tracking: tiktok_source/df_miniapp/classes/com/tt/miniapp/maplocate/TMALocation.java tiktok_source/df_miniapp/classes/com/tt/miniapp/maplocate/ILocator.java

phone calls: tiktok_source/df_miniapp/classes/com/tt/miniapp/call/PhoneCallImpl.java

screenshot code: tiktok_source/df_miniapp/classes/com/tt/miniapp/msg/onUserCaptureScreen/TakeScreenshotManager.java

weird list in the screenshot code

  static final String[] KEYWORDS = new String[] { 
      "screenshot", "screen_shot", "screen-shot", "screen shot", "screencapture", "screen_capture", "screen-capture", "screen capture", "screencap", "screen_cap", 
      "screen-cap", "screen cap", "截屏" };

TODO LIST

decode all android manifests