decompiled spyware
Go to file
2020-11-03 08:04:49 -05:00
config.ar commit 1 2020-07-11 13:32:14 -07:00
config.arm64_v8a commit 1 2020-07-11 13:32:14 -07:00
config.de commit 1 2020-07-11 13:32:14 -07:00
config.en commit 1 2020-07-11 13:32:14 -07:00
config.es commit 1 2020-07-11 13:32:14 -07:00
config.fr commit 1 2020-07-11 13:32:14 -07:00
config.hi commit 1 2020-07-11 13:32:14 -07:00
config.id commit 1 2020-07-11 13:32:14 -07:00
config.in commit 1 2020-07-11 13:32:14 -07:00
config.it commit 1 2020-07-11 13:32:14 -07:00
config.ja commit 1 2020-07-11 13:32:14 -07:00
config.ko commit 1 2020-07-11 13:32:14 -07:00
config.my commit 1 2020-07-11 13:32:14 -07:00
config.pt commit 1 2020-07-11 13:32:14 -07:00
config.ru commit 1 2020-07-11 13:32:14 -07:00
config.th commit 1 2020-07-11 13:32:14 -07:00
config.tr commit 1 2020-07-11 13:32:14 -07:00
config.vi commit 1 2020-07-11 13:32:14 -07:00
config.xxxhdpi commit 1 2020-07-11 13:32:14 -07:00
config.zh commit 1 2020-07-11 13:32:14 -07:00
df_fusing commit 1 2020-07-11 13:32:14 -07:00
df_miniapp commit 1 2020-07-11 13:32:14 -07:00
df_miniapp.config.arm64_v8a commit 1 2020-07-11 13:32:14 -07:00
df_miniapp.config.en commit 1 2020-07-11 13:32:14 -07:00
df_miniapp.config.xxxhdpi commit 1 2020-07-11 13:32:14 -07:00
df_photomovie commit 1 2020-07-11 13:32:14 -07:00
df_rn_kit commit 1 2020-07-11 13:32:14 -07:00
df_rn_kit.config.arm64_v8a commit 1 2020-07-11 13:32:14 -07:00
icon.png commit 1 2020-07-11 13:32:14 -07:00
manifest.json commit 1 2020-07-11 13:32:14 -07:00
README.md Update README.md 2020-11-03 08:04:49 -05:00

TikTok source code

Reverse engineered source code to the android tiktok app.

background

This project is a bit different from my other projects. TikTok is a data collection engine disguised as a social media platform. It's legitimate spyware, so I thought I would reverse engineer the Android application

Included are the compiled classes.jar and classes.dex. You can find all of the source in the classes/ folder in each part of the app.

The main functionality of the app is in df_miniapp. The rest is just included for the sake of completeness. Most of it is useless.

China, I'll see you when you send the hitmen to my house.

Here is the full reverse engineered source code. Enjoy

[NOTE] this is where I got the APK. https://apkpure.com/tiktok/com.ss.android.ugc.trill

interesting code

location tracking:

tiktok_source/df_miniapp/classes/com/tt/miniapp/maplocate/TMALocation.java tiktok_source/df_miniapp/classes/com/tt/miniapp/maplocate/ILocator.java

phone calls:

tiktok_source/df_miniapp/classes/com/tt/miniapp/call/PhoneCallImpl.java

screenshot code:

tiktok_source/df_miniapp/classes/com/tt/miniapp/msg/onUserCaptureScreen/TakeScreenshotManager.java

weird list in the screenshot code (this is nothing particularly special)

  static final String[] KEYWORDS = new String[] { 
      "screenshot", "screen_shot", "screen-shot", "screen shot", "screencapture", "screen_capture", "screen-capture", "screen capture", "screencap", "screen_cap", 
      "screen-cap", "screen cap", "截屏" };
get wifi networks:

tiktok_source/df_miniapp/classes/com/tt/miniapp/msg/wifi/ApiGetWifiListCtrl.java

facial recognition:

tiktok_source/df_miniapp/classes/com/tt/miniapp/facialverify/FacialVerifyProtocolActivity.java

update 9/11/2020

sketchy address code

df_miniapp/classes/com/tt/miniapp/address/LoadAddressTask.java

update 11/03/2020

I apologize for confusion. This is not leaked source code. This is reverse engineered. Thank you for your time.

TODO LIST

decode all android manifests

Done by

  • augustgl (github.com/augustgl
  • quantumcore (github.com/quantumcore)