Today i stumbled upon an apk called proxy.apk which is also provided a configuration file that is encrypted. the configuration look like this ALMOST identical to base64

So I decompiled the apk using enjarify, which is quite good like an improved version of dex2jar.

C:\>enjarify proxy.apk

but when reading the decompiled dex files, i found out, this is the cause that enjarify could not decompile apk properly

After quick google I found out that the apk is protected using apkprotect which is currently down at this time of writing. Then quick google on how to deobfuscate apkprotect, I found out this blog post Anti_APKProtect

will generate the following files

Then I analyze the classes_unpack.dex using bytecode viewer. After a while, i found out jsypt is doing the encryption and decryption process on the config file. from the official project state that
Jasypt is a java library which allows the developer to add basic encryption capabilities to his/her projects with minimum effort, and without the need of having deep knowledge on how cryptography works.
So how I decrypt the config file?
The docs page on jasypt website clearly explain how encryption/decryption process works and also provided tools along with it. It clearly stated that the encryption/decryption required a password

So lets dive into the apk and find the password

looks easy enough to find, then lets decrypt all the strings!
using the tools provided by jasypt. lets picture do the talking

so you can see, some ip, port maybe configuration date was create.
so thats all, till next time!