h1-702
-
Read more: HackerOne H1-702 – Challenge 3Description: We could not find the original apk, but we got this. Can you make sense of it? Download APK: https://lautarovculic.com/my_files/challenge3_h1-702.zip We can see, unzipping the file, two files, base.odex and boot.oatBut, what are these files?OAT and ODEX files are binary formats used in the Android environment to optimize application execution. Each has a specific purpose related to the performance and precompilation of applications on the system. ODEX…
-
Read more: HackerOne H1-702 – Challenge 2Description: Looks like this app is all locked up. Think you can figure out the combination? Download APK: https://lautarovculic.com/my_files/challenge2_h1-702.apk Install the apk with adb adb install -r challenge2_h1-702.apk And then, decompile with apktool apktool d challenge2_h1-702.apk We can see a PIN app, which have six numbers combination.So, we can simply try the 1.000.000 combinations (C= 10⁶ = 1.000.000) or look the source code. Open jadx (GUI Version) for analyze the code.The package name is com.hackerone.mobile.challenge2And…
-
Read more: HackerOne H1-702 – Challenge 1Description: Someone chopped up the flag and hide it through out this challenge! Can you find all the parts and put them back together? Download APK: https://lautarovculic.com/my_files/challenge1_h1-702.apk Install the apk with adb adb install -r challenge1_h1-702.apk Then, decompile with apktool apktool d challenge1_h1-702.apk Let’s inspect the source code with jadx (GUI version)When the app is launched, we just see an blank activity with the text “Reverse the…