Apps for Windows 8 easily hacked

Justin Angel's hacks are now only accessible via Google's cache. His web page is offline

Windows 8 offers several vectors that enable attackers to manipulate or modify apps, according to Justin Angel. On his private homepage, he has described how hacking such apps is easy because, he says, the encrypted data is stored locally – along with the encryption algorithm and the hash key.

Angel uses various game apps to demonstrate what is possible with this knowledge. Using the locally stored data and tools such as dotPeek, the engineer says that he can create a stash of gold that he would otherwise need to buy for real money in one game. Angel simply sets the purchase price of items to "0" in another game and converts free trial apps to full versions that he then accesses free of charge. His hacks focus on apps that use Microsoft's Intermediate Language (IL).

Games are the most popular apps - even among commercial apps
Source: Microsoft Angel also presents a hack for apps, such as Cut the Rope, that expect a server response. The hacker takes advantage of the fact that Windows Internet Explorer 10 allows him to inject JavaScript code. He uses this to pretend to the software that he is the software creator, which enables him to access levels that would otherwise need to be paid for.

The engineer said that he chose games to demonstrate these issues because "games account for the majority of developer revenue". Although figures for the Windows 8 desktop and tablet operating systems have not yet been released, Microsoft's official statistics say, for example, that 64 per cent of the app revenue for the Windows Phone 7 smartphone operating system is generated from commercial game downloads.

Angel also discusses how the problems can be fixed. For example, he notes that the availability of encrypted app storage that can only be accessed by developers could help. Trial and full versions could be clearly separated by releasing trial versions as packages with a generally limited functionality – and without the option to unlock the full version.

The engineer asserts that his motivation wasn't to provide app hacking instructions. On the contrary, Angel emphasises that he bought the sample apps he hacked and recommends that his readers to do the same because they "are awesome". He also notes that his employer had nothing to do with his article and that he worked on these hacks in his free time. This could be somewhat controversial though because, according to publicly accessible information such as his Twitter profile, Justin Angel is a Nokia engineer who works on the Windows Phone 7 and 8 smartphone systems. Microsoft and Nokia collaborated closely to develop Windows Phone.

Justin Angel's personal web page is currently offline but can still be accessed via the Google cache.

(fab)