Hack Force ONE-Arriva MTicket

(This is a HackForce ONE security post)

Hi all,

In the UK Arriva group are a major bus operator, in Derby they are the main operator.

Arriva sell mobile tickets, this is a mobile app called MTicket (Developed Trapeze group)  that you can purchase your bus tickets on. After my previous findings of MTicket security flaws the application was changed to prevent any users with rooted android devices from using the application.

To use download the no-root-check MTicket apk and the freely avaible Zipsigner from google play, this is used to convert the downloaded apk into a form that can be installed.

Open Zipsigner, select the downloaded MTicket APK as the input file then click sign the file.

Then install the outputted file(Shown under signed_output_file).


The no-root-check MTicket apk okonetwork.org.uk/hfo_mticket.apk

Zipsigner https://play.google.com/store/apps/details?id=kellinwood.zipsigner2


*To Arriva/Trapeze group-If you would like to email me- [email protected]

Welcome to The Oko Network

Hi there,

At The Oko Network, we can provide open source powered IT solutions ranging from custom designed web applications to POS systems and more.


If you need IT solutions email us

[email protected]


What are we working on

Ravira: Mobile ticketing system for transport operators. Passengers can use their mobile devices as tickets, with Ravira passengers can purchase mobile tickets in person, that could then be used right away, without needing an internet connection on their device. The (optional) driver Ravira ticket validator app does not require internet access. Due to how Ravira is designed one operator can with ease accept and validate another operator’s mobile tickets with just a few clicks.