The Bytecode Club

Full Version: How to determine version of 3rd party libraries
You're currently viewing a stripped down version of our content. View the full version with proper formatting.
Not purely related to BCV but related toRE in general. Most Android Apps (or java ones) rely on 3rd party libraries to do much of the heavy lifting for functionality of the app. When reverse engineering, you are likely to come across 3rd party libraries such as Twitter4J and OAuth. Also a vast majority of these libraries are open source too and are under source control such as Github. Depending on popularity, they tend to be updated often too. Is there any way to determine the version of library used in the particular app? If BCV can't do this, is there any tool out there that can detect the version of the library used by comparing code signatures?

This is even harder given that you only have bytecode access.
You'd have to do some sort of bytecode pattern matching or heuristics but still, it's an extremely hard problem to solve.