From Android Static Analysis to RCE on Production

TL;DRWe exploited an information disclosure in the mobile app to get an RCE on an internal server which was leveraged to the prod environment. Let's call the organization " Redacted Inc.".Their in-scope apps and URL's are their Android apps, and two ...