Discovering already encrypted REQUEST key AES128 and sending already encrypted REQUEST with other data
I'm working on a college project to understand how the IOS application sends the password in the REQUEST already encrypted in AES128, what is its key, and send a REQUEST with our string transformed into a password encrypted with AES128 in the same way. We were not given any specific method to accomplish this, we are free to use whatever is useful.
No response from the application's requests returns the password encryption key.
We have performed traffic capture and SSL Pinning in IOS.
What method would you use to discover this key?
Other teams have already succeeded, but the information cannot be shared, the purpose of the task is precisely for the teams to use the methods they have chosen to send a request with encryption encoded in its string.
