ICSCTF BabyGacha

Description I asked for the challenge from other people so I have no idea what the description is. EmojiGachaRPG.apk Static Analysis I started out by decompiling it using jadx-gui and looked into the AndroidManifest.xml 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 <uses-permission android:name="android.permission.INTERNET"/> <activity android:theme="@style/Theme.UltraAddictiveGachaGame" android:name="com.honque.ultraaddictivegachagame.MainActivity" android:exported="true"> <intent-filter> <action android:name="android.intent.action.MAIN"/> <category android:name="android.intent.category.LAUNCHER"/> </intent-filter> </activity> <activity android:name="androidx.compose.ui.tooling.PreviewActivity" android:exported="true"/> <activity android:theme="@android:style/Theme.Material.Light.NoActionBar" android:name="androidx.activity.ComponentActivity" android:exported="true"/> Based on the information found, the application requires internet connection and the only interesting activity is the MainActivity. ...

June 30, 2025 · 3 min · 556 words

ICSCTF Simple Guess

Description I asked for the challenge from other people so I have no idea what the description is. SimpleGuess.apk Static Analysis As usual, I just start analyzing with jadx-gui. I started with the AndroidManifest.xml. 1 2 3 4 5 6 7 8 9 10 <activity android:theme="@style/Theme.SimpleGuess" android:label="@string/app_name" android:name="com.example.simpleguess.MainActivity" android:exported="true"> <intent-filter> <action android:name="android.intent.action.MAIN"/> <category android:name="android.intent.category.LAUNCHER"/> </intent-filter> </activity> There’s only one activity named MainActivity so I just look into this. ...

June 30, 2025 · 4 min · 775 words

Android Spyware Further Analysis

Description This is a continuation of the Android Spyware Maybank2u APK where I dig deeper specifically on the decompilation failure. Although several solution was found previously, I did not fully understand on the issue and thats the reason I’m having the research here The Issue The APK was not able to decompile as shown below. 1 2 3 4 5 6 unzip Maybank2u.apk Archive: Maybank2u.apk [Maybank2u.apk] AndroidManifest.xml password: skipping: AndroidManifest.xml incorrect password inflating: classes.dex ...[snip]... 1 2 3 4 5 6 7 jadx .\Maybank2u.apk INFO - loading ... ERROR - Failed to process zip file: .\Maybank2u.apk jadx.core.utils.exceptions.JadxRuntimeException: Failed to process zip file: .\Maybank2u.apk ...[snip]... Caused by: java.util.zip.ZipException: invalid CEN header (encrypted entry) ...[snip]... 1 2 3 4 5 6 7 apktool d .\Maybank2u.apk I: Using Apktool 2.10.0 on Maybank2u.apk with 8 thread(s). Exception in thread "main" brut.androlib.exceptions.AndrolibException: brut.directory.DirectoryException: java.util.zip.ZipException: invalid CEN header (encrypted entry) ...[snip]... Caused by: brut.directory.DirectoryException: java.util.zip.ZipException: invalid CEN header (encrypted entry) ...[snip]... Caused by: java.util.zip.ZipException: invalid CEN header (encrypted entry) Analysis To fully understand that happened, I used apkInspector tool to understand the information behind it. ...

June 29, 2025 · 4 min · 715 words