Challenge Description Welcome to the Secure Notes Challenge! This lab immerses you in the intricacies of Android content providers, challenging you to crack a PIN code protected by a content provider within an Android application. It’s an excellent opportunity to explore Android’s data management and security features. securenote.apk Solution As usual, I start out by reading the code using static analysis Static Analysis To read the apk code, I used jadx-gui. ...
Challenge Description Welcome to the Cyclic Scanner Challenge! This lab is designed to mimic real-world scenarios where vulnerabilities within Android services lead to exploitable situations. Participants will have the opportunity to exploit these vulnerabilities to achieve remote code execution (RCE) on an Android device. cyclicscanner.apk Solution I started by performing static analysis to get an understanding on what the application is doing. Static Analysis I started out by looking into the AndroidManifest.xml after decompiling using jadx-gui. ...
Challenge Description Welcome to the Strings Challenge! In this lab,your goal is to find the flag. The flag’s format should be “MHL{…}”. The challenge will give you a clear idea of how intents and intent filters work on android also you will get a hands-on experience using Frida APIs. Strings.apk Solution This is interesting challenge. I started with static analysis first. Static Analysis As usual, I used jadx-gui to have a look at the source code. ...