Hi guys . from my understanding this site have the best of the best when it comes to revers engineering .
Here is my case and please let me know if this possible
There is an IOS App, let’s call it “Z” that Trigger 2FA “Two-factor authentication” during the login process . however if you login from the website there is no 2FA needed . so this only happen if you try login from the App
So It is clear that the IOS App using a Different Login API then the website
My Question is this
In theory is it possible to reverse engineer the IOS App and replace the Login API with the one from the website and expect to login from the App without 2FA ?