smali
-
Read more: IceCTF 2015 – Husavik
Description: This handy Android App is supposed to display the flag, but it’s not working!Note: For this challenge, we need install some things into our Android 5.1 device with Genymotion.For example, an ARM Translator.https://github.com/m9rco/Genymotion_ARM_Translation Download APK: https://lautarovculic.com/my_files/husavik.apk Install the apk with adb adb install -r husavik.apk Then, decompile it with apktool apktool d husavik.apk We can see inspecting the source code with jadx (GUI version)That in…
-
Read more: SECCON Quals CTF 2015 – Rock, Paper, Scissors
Description: Please win 1000 times in rock-paper-scissorsNote: For this challenge, we need install some things into our Android 5.1 device with Genymotion.For example, an ARM Translator.https://github.com/m9rco/Genymotion_ARM_Translation Download APK: https://lautarovculic.com/my_files/rps.apk Install the apk with adb adb install -r rps.apk Then, decompile it with apktool apktool d rps.apk We can see the game Rock, Paper and Scissors.If we win, +1.Draw keep points and loose all the pointsWe need…
-
Read more: Trend Micro CTF 2015 – Offensive 200
Note: For this challenge, we need install some things into our Android 5.1 device with Genymotion.For example, an ARM Translator.https://github.com/m9rco/Genymotion_ARM_Translation Download APK: https://lautarovculic.com/my_files/VirusClicker.apk Install the apk with adb adb install -r VirusClicker.apk And decompile with apktool apktool d VirusClicker.apk We can notice that the app isn’t responding. So I need install this app into an Android API29Let’s inspect the source code with jadx (GUI version)We have the SplashActivity, MainActivity, and…
-
Read more: TinyCTF 2014 – Oh! What does this button do?
Note: For this challenge, we need install some things into our Android 5.1 device with Genymotion.For example, an ARM Translator.https://github.com/m9rco/Genymotion_ARM_Translation Download APK: https://lautarovculic.com/my_files/rev200.zip When download the .zip file, we can extract this with 7z x rev200.zip The rev200 file is another zip file rev200: Zip archive data, at least v2.0 to extract, compression method=deflate So, what is an apk? We can look this…
-
Read more: Pico CTF 2014 – Droid App
Category: ForensicsDescription: An Android application was released for the toaster bots, but it seems like this one is some sort of debug version. Can you discover the presence of any debug information being stored, so we can plug this? You can download the apk here. Note: For this challenge, we need install some things into…
-
Read more: AHE16: Android Hacking Events 2017 (Strange Calculator)
For this challenge, we need install some things into our Android 5.1 device with Genymotion.For example, an ARM Translator.https://github.com/m9rco/Genymotion_ARM_Translation For download the APKhttps://team-sik.org/wp-content/uploads/2016/06/strangecalculator.apk_.zip We install the apk with adb install -r strangecalculator.apk And then, decompile this with apktool apktool d strangecalculator.apk Let’s inspect the source code with jadx (GUI Version)We have 2 activities, MainActivity and Parser activity. Let’s talk about MainActivity (Code can be shorted for the writeup) package…
-
Read more: FastJson and Furious – Hack The Box – @lautarovculic
Difficult: Easy Category: Mobile OS: Android Description: A couple years ago I was experimenting with Android Development and I created this application to hide my secret, but now I forgot how to get it back. Can you help me? First, download the .zip file and extract them with hackthebox password. Then, we’ll use apktool for…
-
Read more: Joker – Hack The Box – @lautarovculic
Difficult: Hard Category: Mobile OS: Android Description: The malware reverse engineering team got an alert about malware which is still published on Google’s PlayStore and has thousands of installs. Can you help them to identify the address of the command and control server in order to blacklist it ? Download and extract the .zip file…
-
Read more: APKrypt – Hack The Box – @lautarovculic
Difficult: Easy Category: Mobile OS: Android Description: Can you get the ticket without the VIP code? Download the zip file and extract with the hackthebox password. There are a README.txt file that say Install this application in an API Level 29 or earlier (i.e. Android 10.0 (Google APIs)). Decompile the apk with apktool apktool d…
-
Read more: Intentional Exercise – Hacker101 CTF – @lautarovculic
Difficulty: Moderate Skills: Android Flags: 1 Flag 1/1 First, we need wait until the APK is building. Download the .APK file. Decompile the .APK with apktool apktool d level13.apk The target SDK is 28 (Android 9.0). Then, install the APK with ADB to our Android Device, I use Genymotion. adb install level13.apk Open the app…