Posts

Challenge Description This app contains some unique keys. Can you get one? APKey.apk Solution Static Analysis The first step is always static analysis. I started by using jadx-gui to see the decompiled Java code. Looking into the AndroidManifest.xml, it looks like there’s only one activity which is MainActivity. 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 <application android:theme="@style/Theme.APKey" android:label="@string/app_name" android:icon="@mipmap/ic_launcher" android:allowBackup="true" android:supportsRtl="true" android:roundIcon="@mipmap/ic_launcher_round" android:appComponentFactory="androidx.core.app.CoreComponentFactory"> <activity android:name="com.example.apkey.MainActivity"> <intent-filter> <action android:name="android.intent.action.MAIN"/> <category android:name="android.intent.category.LAUNCHER"/> </intent-filter> </activity> </application> Since it’s gonna be MainActivity, we could have a look at the code. Inside the code, we have something interesting. ...

Challenge Description Welp, time to do it again. Unable to install? That is a part of the challenge, try to overcome it. Author: Trailbl4z3r & Monaruku hint: Tbh this is not a natively built app, more like something just wrapped into an app World-II.apk Solution Since it’s an APK file, Lets start with jadx-gui for static analysis. In terms of static analysis, it’s always best to check out AndroidManifest.xml first. ...

Prerequisite a physical android devices rooted termux app As mentioned, the android devices must be rooted in order to work like a rubber ducky. I’ll be using my old devices that I have rooted as demonstration purposes. Here’s a quick evidence that my devices is rooted. Setting up Now that the android devices is rooted, I’ll need to download some useful files and application that has been created by others ...