Malware Reverse Engineering - CyberTalents Quals 2020

Hello Hackers. This is my writeup for the CyberTalents Qualifications.
I’ll continue the writeup for CyberTalents Quals. The next category is Reverse Engineering.

Challenge Name: isolation
Category: Malware Reverse Engineering
Points: 100
Difficulty: Medium
Description: Developer thinks that the real hacker does not need any buttons to get the flag.

It is an .apk file. You can download the APK from here.

First of all, I installed the apk file on a Genymotion emulator and ran it.

When I opened the application, I saw a login page but without a login button.

This is the thing that was mentioned in the description.

Then I realized that there is another page that I would access from outside the application; this issue is called an access control issue.

The first thing that came to my mind was to decode the apk file.

I decoded the app using apktool: apktool d isolate.apk

Then I inspected AndroidManifest.xml, looking for any activities.

As we see, there is an Activity called SECRETBOX and it is protected with an intent filter. An intent filter should not be used as a protection mechanism, because when an app component such as an activity declares an intent filter, the component is publicly exported. So the activity is vulnerable and can be invoked from any outside application.
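
The same manifest check as a small audit script, added here as an example and not part of the original challenge or writeup. Only the package name and the SecretBox activity come from this page; the other activities, the action name and the permission name in the sample manifest are constructed placeholders.

```python
import xml.etree.ElementTree as ET

ANDROID = "{http://schemas.android.com/apk/res/android}"

# Constructed manifest for illustration: only the package and the SecretBox
# activity name come from the writeup; everything else is a placeholder.
SAMPLE_MANIFEST = """<manifest
    xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.cybertalents.otherside">
  <application>
    <activity android:name=".MainActivity">
      <intent-filter>
        <action android:name="android.intent.action.MAIN"/>
        <category android:name="android.intent.category.LAUNCHER"/>
      </intent-filter>
    </activity>
    <activity android:name=".SecretBox">
      <intent-filter>
        <action android:name="com.example.PLACEHOLDER_ACTION"/>
      </intent-filter>
    </activity>
    <activity android:name=".Settings"/>
    <activity android:name=".Guarded" android:exported="true"
              android:permission="com.example.PLACEHOLDER_PERMISSION"/>
  </application>
</manifest>"""

def is_launcher(activity):
    """True if any intent filter declares the LAUNCHER category."""
    cats = activity.findall("./intent-filter/category")
    return any(c.get(ANDROID + "name") == "android.intent.category.LAUNCHER"
               for c in cats)

def exposed_activities(manifest_xml):
    """Return names of non-launcher activities that other apps can start
    without holding any permission."""
    root = ET.fromstring(manifest_xml)
    findings = []
    for act in root.findall("./application/activity"):
        exported = act.get(ANDROID + "exported")
        has_filter = act.find("intent-filter") is not None
        # With no explicit android:exported, an intent filter makes the
        # component exported (the implicit default before Android 12).
        effective = exported == "true" or (exported is None and has_filter)
        if effective and not act.get(ANDROID + "permission") and not is_launcher(act):
            findings.append(act.get(ANDROID + "name"))
    return findings

if __name__ == "__main__":
    print(exposed_activities(SAMPLE_MANIFEST))
```

An activity flagged by this check is closed off by declaring android:exported="false" on it, or by requiring a permission with android:permission if other apps really need to start it.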

So let’s have some fun.

Via adb shell I used this command: am start -W com.cybertalents.otherside/.SecretBox

And finally we made it.