Decrypting the network traffic of an android game built with Unity

Here is what I did: installed the game on an emulator setup a local proxy to act as a middle-man and decode the https traffic configured the emulator to use my local proxy The problem is that the body of the requests is also encrypted with something different. I tried to use some online tools to brute-force and decode it, but with no results. I found that unity offers modules to further encrypt network requests, so I guess developers used them. My idea is to decompile the code somehow. I downloaded the APK to my local machine, got the jar, but I do not know where the game code is. All resources online seem to have a different folder structure than what I found. You can see it in the screenshot. Ideas? ​ https://preview.redd.it/b4s9vgyurrxb1.png?width=1646&format=png&auto=webp&s=101eb12cec6192ac62634dfe054be42b97c12fea submitted by /u/idkwhatiamdoingg [link] [comments]

from hacking: security in practice https://ift.tt/Mf9E2pR