hacktricks/mobile-pentesting/android-app-pentesting/react-native-application.md



<details>

<summary><strong>Learn AWS hacking from zero to hero with</strong> <a href="https://training.hacktricks.xyz/courses/arte"><strong>htARTE (HackTricks AWS Red Team Expert)</strong></a><strong>!</strong></summary>

Other ways to support HackTricks:

* If you want to see your **company advertised in HackTricks** or **download HackTricks in PDF** Check the [**SUBSCRIPTION PLANS**](https://github.com/sponsors/carlospolop)!
* Get the [**official PEASS & HackTricks swag**](https://peass.creator-spring.com)
* Discover [**The PEASS Family**](https://opensea.io/collection/the-peass-family), our collection of exclusive [**NFTs**](https://opensea.io/collection/the-peass-family)
* **Join the** 💬 [**Discord group**](https://discord.gg/hRep4RUj7f) or the [**telegram group**](https://t.me/peass) or **follow** us on **Twitter** 🐦 [**@carlospolopm**](https://twitter.com/hacktricks_live)**.**
* **Share your hacking tricks by submitting PRs to the** [**HackTricks**](https://github.com/carlospolop/hacktricks) and [**HackTricks Cloud**](https://github.com/carlospolop/hacktricks-cloud) github repos.

</details>

# React Native Application Analysis

To confirm if the application was built on the React Native framework, follow these steps:

1. Rename the APK file with a zip extension and extract it to a new folder using the command `cp com.example.apk example-apk.zip` and `unzip -qq example-apk.zip -d ReactNative`.

2. Navigate to the newly created ReactNative folder and locate the assets folder. Inside this folder, you should find the file `index.android.bundle`, which contains the React JavaScript in a minified format.

3. Use the command `find . -print | grep -i ".bundle$"` to search for the JavaScript file.

To further analyze the JavaScript code, create a file named `index.html` in the same directory with the following code:

```html
<script src="./index.android.bundle"></script>
```

You can upload the file to [https://spaceraccoon.github.io/webpack-exploder/](https://spaceraccoon.github.io/webpack-exploder/) or follow these steps:

1. Open the `index.html` file in Google Chrome.

2. Open the Developer Toolbar by pressing **Command+Option+J for OS X** or **Control+Shift+J for Windows**.

3. Click on "Sources" in the Developer Toolbar. You should see a JavaScript file that is split into folders and files, making up the main bundle.

If you find a file called `index.android.bundle.map`, you will be able to analyze the source code in an unminified format. Map files contain source mapping, which allows you to map minified identifiers.

To search for sensitive credentials and endpoints, follow these steps:

1. Identify sensitive keywords to analyze the JavaScript code. React Native applications often use third-party services like Firebase, AWS S3 service endpoints, private keys, etc.

2. In this specific case, the application was observed to be using the Dialogflow service. Search for a pattern related to its configuration.

3. It was fortunate that sensitive hard-coded credentials were found in the JavaScript code during the recon process.

## References
* [https://medium.com/bugbountywriteup/lets-know-how-i-have-explored-the-buried-secrets-in-react-native-application-6236728198f7](https://medium.com/bugbountywriteup/lets-know-how-i-have-explored-the-buried-secrets-in-react-native-application-6236728198f7)

<details>

<summary><strong>Learn AWS hacking from zero to hero with</strong> <a href="https://training.hacktricks.xyz/courses/arte"><strong>htARTE (HackTricks AWS Red Team Expert)</strong></a><strong>!</strong></summary>

Other ways to support HackTricks:

* If you want to see your **company advertised in HackTricks** or **download HackTricks in PDF** Check the [**SUBSCRIPTION PLANS**](https://github.com/sponsors/carlospolop)!
* Get the [**official PEASS & HackTricks swag**](https://peass.creator-spring.com)
* Discover [**The PEASS Family**](https://opensea.io/collection/the-peass-family), our collection of exclusive [**NFTs**](https://opensea.io/collection/the-peass-family)
* **Join the** 💬 [**Discord group**](https://discord.gg/hRep4RUj7f) or the [**telegram group**](https://t.me/peass) or **follow** us on **Twitter** 🐦 [**@carlospolopm**](https://twitter.com/hacktricks_live)**.**
* **Share your hacking tricks by submitting PRs to the** [**HackTricks**](https://github.com/carlospolop/hacktricks) and [**HackTricks Cloud**](https://github.com/carlospolop/hacktricks-cloud) github repos.

</details>
Ad hacktricks sponsoring 2022-04-28 16:01:33 +00:00

			`<details>`

ARTE 2024-01-13 22:03:42 +00:00			`<summary><strong>Learn AWS hacking from zero to hero with</strong> <a href="https://training.hacktricks.xyz/courses/arte"><strong>htARTE (HackTricks AWS Red Team Expert)</strong></a><strong>!</strong></summary>`
Ad hacktricks sponsoring 2022-04-28 16:01:33 +00:00
ARTE 2024-01-13 22:03:42 +00:00			`Other ways to support HackTricks:`
Ad hacktricks sponsoring 2022-04-28 16:01:33 +00:00
ARTE 2024-01-13 22:03:42 +00:00			`* If you want to see your company advertised in HackTricks or download HackTricks in PDF Check the [SUBSCRIPTION PLANS](https://github.com/sponsors/carlospolop)!`
			`* Get the [official PEASS & HackTricks swag](https://peass.creator-spring.com)`
			`* Discover [The PEASS Family](https://opensea.io/collection/the-peass-family), our collection of exclusive [NFTs](https://opensea.io/collection/the-peass-family)`
a 2024-02-09 00:36:13 +00:00			`* Join the 💬 [Discord group](https://discord.gg/hRep4RUj7f) or the [telegram group](https://t.me/peass) or follow us on Twitter 🐦 [@carlospolopm](https://twitter.com/hacktricks_live).`
ARTE 2024-01-13 22:03:42 +00:00			`* Share your hacking tricks by submitting PRs to the [HackTricks](https://github.com/carlospolop/hacktricks) and [HackTricks Cloud](https://github.com/carlospolop/hacktricks-cloud) github repos.`
Ad hacktricks sponsoring 2022-04-28 16:01:33 +00:00
			`</details>`

a 2024-02-03 16:02:14 +00:00			`# React Native Application Analysis`
Ad hacktricks sponsoring 2022-04-28 16:01:33 +00:00
a 2024-02-03 16:02:14 +00:00			`To confirm if the application was built on the React Native framework, follow these steps:`
GitBook: [master] 3 pages modified 2021-02-01 09:24:10 +00:00
a 2024-02-03 16:02:14 +00:00			1. Rename the APK file with a zip extension and extract it to a new folder using the command `cp com.example.apk example-apk.zip` and `unzip -qq example-apk.zip -d ReactNative`.
GitBook: [master] 3 pages modified 2021-02-01 09:24:10 +00:00
a 2024-02-03 16:02:14 +00:00			2. Navigate to the newly created ReactNative folder and locate the assets folder. Inside this folder, you should find the file `index.android.bundle`, which contains the React JavaScript in a minified format.
GitBook: [master] 3 pages modified 2021-02-01 09:24:10 +00:00
a 2024-02-03 16:02:14 +00:00			3. Use the command `find . -print \| grep -i ".bundle$"` to search for the JavaScript file.
GitBook: [master] 3 pages modified 2021-02-01 09:24:10 +00:00
a 2024-02-03 16:02:14 +00:00			To further analyze the JavaScript code, create a file named `index.html` in the same directory with the following code:
GitBook: [master] 3 pages modified 2021-02-01 09:24:10 +00:00
a 2024-02-03 16:02:14 +00:00			```html
			`<script src="./index.android.bundle"></script>`
GitBook: [#2820] up 2021-11-03 10:22:49 +00:00			```

a 2024-02-03 16:02:14 +00:00			`You can upload the file to [https://spaceraccoon.github.io/webpack-exploder/](https://spaceraccoon.github.io/webpack-exploder/) or follow these steps:`
GitBook: [master] 3 pages modified 2021-02-01 09:24:10 +00:00
a 2024-02-03 16:02:14 +00:00			1. Open the `index.html` file in Google Chrome.
GitBook: [master] 2 pages modified 2021-08-09 12:26:47 +00:00
a 2024-02-03 16:02:14 +00:00			`2. Open the Developer Toolbar by pressing Command+Option+J for OS X or Control+Shift+J for Windows.`
GitBook: [master] 3 pages modified 2021-02-01 09:24:10 +00:00
a 2024-02-03 16:02:14 +00:00			`3. Click on "Sources" in the Developer Toolbar. You should see a JavaScript file that is split into folders and files, making up the main bundle.`
GitBook: [master] 3 pages modified 2021-02-01 09:24:10 +00:00
a 2024-02-03 16:02:14 +00:00			If you find a file called `index.android.bundle.map`, you will be able to analyze the source code in an unminified format. Map files contain source mapping, which allows you to map minified identifiers.
GitBook: [master] 3 pages modified 2021-02-01 09:24:10 +00:00
a 2024-02-03 16:02:14 +00:00			`To search for sensitive credentials and endpoints, follow these steps:`
GitBook: [master] 3 pages modified 2021-02-01 09:24:10 +00:00
a 2024-02-03 16:02:14 +00:00			`1. Identify sensitive keywords to analyze the JavaScript code. React Native applications often use third-party services like Firebase, AWS S3 service endpoints, private keys, etc.`
GitBook: [master] 3 pages modified 2021-02-01 09:24:10 +00:00
a 2024-02-03 16:02:14 +00:00			`2. In this specific case, the application was observed to be using the Dialogflow service. Search for a pattern related to its configuration.`
GitBook: [master] 3 pages modified 2021-02-01 09:24:10 +00:00
a 2024-02-03 16:02:14 +00:00			`3. It was fortunate that sensitive hard-coded credentials were found in the JavaScript code during the recon process.`
GitBook: [master] 3 pages modified 2021-02-01 09:24:10 +00:00
a 2024-02-08 03:08:28 +00:00			`## References`
a 2024-02-03 16:02:14 +00:00			`* [https://medium.com/bugbountywriteup/lets-know-how-i-have-explored-the-buried-secrets-in-react-native-application-6236728198f7](https://medium.com/bugbountywriteup/lets-know-how-i-have-explored-the-buried-secrets-in-react-native-application-6236728198f7)`
Ad hacktricks sponsoring 2022-04-28 16:01:33 +00:00
			`<details>`

ARTE 2024-01-13 22:03:42 +00:00			`<summary><strong>Learn AWS hacking from zero to hero with</strong> <a href="https://training.hacktricks.xyz/courses/arte"><strong>htARTE (HackTricks AWS Red Team Expert)</strong></a><strong>!</strong></summary>`
Ad hacktricks sponsoring 2022-04-28 16:01:33 +00:00
ARTE 2024-01-13 22:03:42 +00:00			`Other ways to support HackTricks:`
Ad hacktricks sponsoring 2022-04-28 16:01:33 +00:00
ARTE 2024-01-13 22:03:42 +00:00			`* If you want to see your company advertised in HackTricks or download HackTricks in PDF Check the [SUBSCRIPTION PLANS](https://github.com/sponsors/carlospolop)!`
			`* Get the [official PEASS & HackTricks swag](https://peass.creator-spring.com)`
			`* Discover [The PEASS Family](https://opensea.io/collection/the-peass-family), our collection of exclusive [NFTs](https://opensea.io/collection/the-peass-family)`
a 2024-02-09 00:36:13 +00:00			`* Join the 💬 [Discord group](https://discord.gg/hRep4RUj7f) or the [telegram group](https://t.me/peass) or follow us on Twitter 🐦 [@carlospolopm](https://twitter.com/hacktricks_live).`
ARTE 2024-01-13 22:03:42 +00:00			`* Share your hacking tricks by submitting PRs to the [HackTricks](https://github.com/carlospolop/hacktricks) and [HackTricks Cloud](https://github.com/carlospolop/hacktricks-cloud) github repos.`
Ad hacktricks sponsoring 2022-04-28 16:01:33 +00:00
			`</details>`