What do you think about https://pypi.org/project/DeStringCare/ ?

[imannms]

DeStringCare

What is it?

It is a tool for extracting StringCare obfuscated secrets in Android apk files. Some of these StringCare protected secrets may contain API addresses and API keys.

https://pypi.org/project/DeStringCare/

---

What do you think about this?

[efraespada]

@imannms I tried to use it with a basic sample but it didn't work for me.

Reading its documentation you can see this:

3. Replace StringCare protected XML file at path apk/res/values/strings.xml.
   It may contain a line like the following:
   <string name="mixpanel_api_key">367E864309B5E7E3E6642483AF380497...</string>

This value 367E864309B5E7E3E6642483AF380497 is an old obfuscation type of SC.

---

Could you try using DeStringCare as well?

[efraespada]

Reviewing the DeStringCare's issues I found this one.

Translated from Google:

It does not work with an array of bytes;

Doesn't work with latest versions of StringCare :-(
The problem is most likely due to the fact that StringCare switched to a byte array instead of hex, but maybe I'm wrong
Array of bytes in hex in C # looks something like this, alas, I do not write in python