Contact person: Job Posting — Recover SQLCipher Encryption Key for Offline Android App (USD 5,500)

Phone:Show

Email:Show

Location: Hanoi, Vietnam

Budget: Recommended by industry experts

Time to start: As soon as possible

Project description:
"Budget: USD 5,500 (fixed)
Location: Remote
Type: Short-term contract — one-time deliverable
Confidentiality: NDA required

Project summary

I own an Android app (runs fully offline) that contains an encrypted SQLite database protected by SQLCipher. I need a qualified security/reverse-engineering professional to recover the encryption key (password) used to decrypt that database so I can read its contents.

What I will provide

The APK (signed/installed on a test device) and, if needed, the device image or a copy of the database file.

Confirmation that I own the app and the data, and that you are authorized to perform this work.

A standard NDA to be signed before any sensitive files are shared.


Required deliverables

1. The SQLCipher key (password) that successfully decrypts the database.


2. A short report (1–2 pages) describing the method used at a high level (no exploit code required), the tools used, and the exact steps you performed to reproduce the result on my provided APK/database.


3. Any scripts or tools you created for the task (source code) delivered in a repository, with usage instructions.


4. Confirmation that all copies of the database and keys created during the engagement have been deleted (or handed over) as agreed in the NDA.



Skills & experience I’m looking for

Proven experience with Android reverse engineering (examples required).

Familiarity with SQLCipher-encrypted SQLite databases and typical key storage patterns.

Experience using tools such as JADX, IDA/Ghidra, Frida, radare2, Android debuggers, and native analysis workflows.

Experience analyzing both Java/Kotlin and native (C/C++) code in Android apps.

Strong security/forensics background and professional ethics (must sign NDA).

Clear English communication.


How to apply

Please submit:

1. A brief cover letter describing relevant experience (2–4 sentences).


2. Links or short descriptions of two past projects or write-ups where you recovered keys, analyzed Android apps, or performed similar reverse engineering (public redacted reports preferred). If prior work is confidential, provide an anonymized description.


3. Your proposed timeline to deliver after NDA and files are shared.


4. Confirmation you will sign an NDA and adhere to an agreed data-handling plan.



Payment & terms

Fixed payment of USD 5,500 on successful delivery of the working key and acceptance of deliverables.

Payment will be made through the freelancer platform or mutually agreed channel.

NDA must be signed before any sensitive file is shared.

You must confirm legal authorization to perform this work in your jurisdiction.


Important notes / legal & ethical

You must only work on the APK and data I provide and must not use recovered keys to access any data beyond the scope agreed in the NDA.

If you cannot legally perform this work where you are located, please do not apply.

I reserve the right to request proof of identity and prior experience before sharing the APK or database file.



---

If you meet the above requirements and can deliver, please apply with the items requested under How to apply. I will review applications quickly and send the NDA to selected candidates. Thank you." (client-provided description)