webview
-
Read more: Mobile Hacking Lab – Post Board
Description: Welcome to the Android Insecure WebView Challenge! This challenge is designed to delve into the complexities of Android’s WebView component, exploiting a Cross-Site Scripting (XSS) vulnerability to achieve Remote Code Execution (RCE). It’s an immersive opportunity for participants to engage with Android application security, particularly focusing on WebView security issues. Download: https://lautarovculic.com/my_files/postBoard.apkLink:https://www.mobilehackinglab.com/path-player?courseid=lab-webview Install the app with ADB…
-
Read more: Oauthbreaker – Hacker101 CTF – @lautarovculic
Difficulty: Moderate Skills: Android Flags: 2 Flag 1/2 The first thing that we need to do is download the .APK file and decompile with apktool ☝️🤓 apktool d oauth.apk And for recon, I’ll run MobSF and jadx-gui The target SDK is 28, then I will use my Android 9.0 with Genymotion. Install the .APK with…
-
Read more: Intentional Exercise – Hacker101 CTF – @lautarovculic
Difficulty: Moderate Skills: Android Flags: 1 Flag 1/1 First, we need wait until the APK is building. Download the .APK file. Decompile the .APK with apktool apktool d level13.apk The target SDK is 28 (Android 9.0). Then, install the APK with ADB to our Android Device, I use Genymotion. adb install level13.apk Open the app…