Monday, March 2, 2015

PragyanCTF - Android - Hackerz

When first getting this file, we were a little unsure about what steps to take for this challenge. As this was my first time attempting an Android-based challenge, I used the Googles for ideas.
While one team member was working on getting the circle.apk file to work with an emulator to see if that would provide us with any insight into the challenge, I decided to work on unpacking the apk file so as not to duplicate efforts.

Using 7zip, apktool, and dex2jar I was able to unpack the circle.apk file.

Using the dex2jar tool I was able to extract the classes.dex file:

Unpacking the .jar file I was given a new directory /com. After looking around I didn't see anything useful. I went back to the apktool and decompiled the circle.apk into a new directory.

After running the decompile, I looked in my new directory which led to more directories:
After changing into many subdirectories, I finally reached the end of the rabbit hole, which contained a few smali files. I started looking at each one for anything considered “interesting”.

In the b.smali file I noticed some base64 encoding:

Copying that into a new file called test.txt, I decoded the base64:

We see our decoded base64 is the flag: y0u_4r3_4_h4ck3r
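The manual search through the smali files can be automated. The script below is an added example, not part of the original write-up: it walks an apktool output directory, pulls every `const-string` literal out of the smali files, and keeps only those that decode from base64 to printable ASCII. The function names, the `com/example/circle` package path and the sample files are assumptions; the encoded sample is constructed at run time from the flag shown above, since the original string is not reproduced on this page.

```python
import base64
import binascii
import re
import string
import tempfile
from pathlib import Path

# Smali string literals look like: const-string v0, "..." (or const-string/jumbo)
CONST_STRING = re.compile(r'const-string(?:/jumbo)?\s+[vp]\d+,\s*"((?:[^"\\]|\\.)*)"')
# Cheap shape check before attempting a decode
B64_SHAPE = re.compile(r'^[A-Za-z0-9+/]{8,}={0,2}$')
PRINTABLE = set(string.printable.encode())

def decode_candidate(literal):
    """Return decoded text if literal is valid base64 of printable ASCII, else None."""
    if len(literal) % 4 or not B64_SHAPE.match(literal):
        return None
    try:
        raw = base64.b64decode(literal, validate=True)
    except (binascii.Error, ValueError):
        return None
    # Ordinary identifiers often pass the shape check but decode to binary noise
    if not raw or any(b not in PRINTABLE for b in raw):
        return None
    return raw.decode("ascii")

def scan_smali_tree(root):
    """Walk an apktool output directory; return (file, line_no, literal, decoded) hits."""
    hits = []
    for path in sorted(Path(root).rglob("*.smali")):
        for n, line in enumerate(path.read_text(errors="replace").splitlines(), 1):
            m = CONST_STRING.search(line)
            decoded = decode_candidate(m.group(1)) if m else None
            if decoded is not None:
                hits.append((path.name, n, m.group(1), decoded))
    return hits

def build_demo_tree(root):
    """Constructed sample mimicking apktool output; package path and strings are made up."""
    pkg = Path(root) / "smali" / "com" / "example" / "circle"
    pkg.mkdir(parents=True)
    encoded = base64.b64encode(b"y0u_4r3_4_h4ck3r").decode()
    (pkg / "a.smali").write_text('.class public La;\n    const-string v0, "MainActivity"\n')
    (pkg / "b.smali").write_text('.class public Lb;\n    const-string v1, "%s"\n' % encoded)

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_demo_tree(tmp)
        for name, n, literal, decoded in scan_smali_tree(tmp):
            print(f"{name}:{n}: {literal} -> {decoded}")
```

The same scan is useful when reviewing your own app before release: any secret that survives this filter is readable by anyone who unpacks the APK.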
