Challenge Description Welcome to the Strings Challenge! In this lab,your goal is to find the flag. The flag’s format should be “MHL{…}”. The challenge will give you a clear idea of how intents and intent filters work on android also you will get a hands-on experience using Frida APIs. Strings.apk Solution This is interesting challenge. I started with static analysis first. Static Analysis As usual, I used jadx-gui to have a look at the source code. ...
Challenge Description This challenge focuses on exploiting a security flaw related to the broadcast receiver in the “IOT Connect” application, allowing unauthorized users to activate the master switch, which can turn on all connected devices. The goal is to send a broadcast in a way that only authenticated users can trigger the master switch. IOT Connect APK Solution As usual, I started by performing static analysis and dynamic analysis to fully understand what the code is doing. ...