crypto
-
Read more: BSides San Francisco CTF 2017 – pinlockDescription: It’s the developer’s first mobile application. They are trying their hand at storing secrets securely. Could one of them be the flag?Note: For this challenge, we need install some things into our Android 5.1 device with Genymotion.For example, an ARM Translator.https://github.com/m9rco/Genymotion_ARM_Translation Download APK: https://lautarovculic.com/my_files/pinstore.apk Install the apk with adb adb install -r pinstore.apk Then, decompile with apktool apktool d pinstore.apk Notice…
-
Read more: Sharif University Quals CTF 2014 – Commercial ApplicationCategory: CryptoDescription: Flag is a serial number. Note: For this challenge, we need install some things into our Android 5.1 device with Genymotion.For example, an ARM Translator.https://github.com/m9rco/Genymotion_ARM_Translation Download APK: https://lautarovculic.com/my_files/suCTF.apk Install the apk with adb adb install -r suCTF.apk Decompile this with apktool apktool d suCTF.apk And now we can inspect the source code with jadxBut, first at all, let’s take a look to the…
-
Read more: AHE17: Android Hacking Events 2017 (You Can Hide – But You Cannot Run)For this challenge, probably we need install some things into our Android 5.1 device with Genymotion.For example, an ARM Translator.https://github.com/m9rco/Genymotion_ARM_Translation For download the APKhttps://team-sik.org/wp-content/uploads/2017/06/YouCanHideButYouCannotRun.apk_.zip Use apktool for decompile the .apk file apktool d YouCanHideButYouCannotRun.apk And install the .apk with adb adb install -r YouCanHideButYouCannotRun.apk Launching the app we can see that we have a text that talk about encryption and a button. That say Start to Running if we press it. Let’s load the .apk to jadx for…
-
Read more: AHE17: Android Hacking Events 2017 (Flag-Validator)Methods For this challenge, probably we need install some things into our Android 5.1 device with Genymotion.For example, an ARM Translator.https://github.com/m9rco/Genymotion_ARM_Translation For download the APKhttps://team-sik.org/wp-content/uploads/2017/06/FlagValidator.apk_.zip With apktool will extract the content of the apk file apktool d FlagValidator.apk Let’s see the content of MainActivity.java that say so clear the structure of the flag.In the onValidateClick method public void onValidateClick(View view) { new StringBuilder(“Validate Token…
-
Read more: AHE17: Android Hacking Events 2017 (AES-Decrypt)For this challenge, we need install some things into our Android 5.1 device with Genymotion.For example, an ARM Translator.https://github.com/m9rco/Genymotion_ARM_Translation For download the APK https://team-sik.org/wp-content/uploads/2017/06/AES-Decrypt.apk_.zip Now, installing the APK, we can see a button and two text box for decrypt something. Then, let’s take around the code with jadx. Just we need this piece of Java…
-
Read more: Hack The Box – Cryptohorrific – @lautarovculicDifficult: Medium Category: Mobile OS: iOS Description: Secure coding is the keystone of the application security! After downloading the compressed file and decompressing it, we will have a folder where inside we find the files we need: The hackthebox file, is the main file of the program that contains the binary files. The .plist file…
-
Read more: zChecksumTool to obtain and compare hashes. Python >= 3.9 pip install hashlib pip install colorama Usage python zChecksum.py <file_name> python zChecksum.py <file_name> [hash] The [hash] arg is optional. This hash will compare the hashes that were obtained from the <file_name>. Code # Lautaro Daniel Villarreal Culic’ # https://lautarovculic.com # ver 4.0 # REQUIRE…
-
Read more: zStegoIt is a steganography tool for hiding files and texts within an image. Programmed in .NET with Visual Basic.