Reverse Engineering the Show Box app

October 23, 2018 | 02:42 PM


For a while now I have been wondering how the app of Show Box stays afloat and how everything comes together. This page is of my current efforts to reverse engineering the app. As reverse engineering this app is not super easy I am keeping everything I find publicly available. Someday maybe a open source version of the app might be possible. Imagen running a version of Show Box in a browser without an emulator!

One of the first things I did to try reverse engineering the SB app was to inspect the traffic coming out of it. Using a free play store app (Packet Capture) that makes a local vpn to sniff the packets coming out of the app*, I got a few interesting things.

So, here is what I have:

~Note: Most of the links require a user agent string of "Show Box"

In oreder to send the custom user agent, use the browser exstention found here.

The links

This is where the app gets a token (I think):

This is what the app uses to get the movie/episode id:

This is where the app gets a hash (don't know what for yet):

This is where the app gets the video stream urls from, but, I haven't cracked this one yet:

I say this is a good start, but until I don't need the app anymore to get the url streams and moive/season id's, I have more work to do. I want to not have any reliance (except for their api and db) with the SB app. PLEASE, if you have any insight on this topic leave a comment below!

*I don't have a complete understanding of the packet app

Here is a noice site for the timestamp:



This is the FBI. Stop what you are doing immediately.

October 23, 2018 | 09:43 PM

Interesting find!

October 28, 2018 | 06:01 PM

*note* the domain of is down and is no longer used by the app.

December 13, 2018 | 08:05 AM

The new app uses the domain of

February 15, 2019 | 06:17 PM