omakmoh@home:~$

Malware Reverse Engineering - CyberTalents Quals 2020

Hello Hackers. This is my writeup for Cybertalents Qualifications.
I’ll continue the writeup for CyberTalents Quals Next Category is Reverse Engineering

Challange Name: isolation
Category: Malware Reverse Engineering
Points: 100
Difficulty: Medium
Description: Devoloper think that the real hacker does not need any buttons to get the flag.

It is an .apk file .. you can download the apk from here

First of all i install the apk file on genymotion emulator and run it


When i open the application i see login page but without login button


this is the thing which mentioned in the description

Then I realized that there is another page i will access it from outside the application and this issue called access control issue


first thing came in my mind it’s decode the apk file


I decode the app using apktool apktool d isolate.apk


Then i inspect AndroidManiFest.XML looking for any activities


As we see there is an Activity called SECRETBOX and it is protected with an intent filter and the intent filter should not use it as a protection mechanism because when using the intent filter whe an app component like activity the component is publicly exported , so the activity is vulenrable and it can be invoke from any outside application

So let’s make some fun

via adb shell i use this command am start -W com.cybertalents.otherside/.SecretBox

and finally we made it..


D1FCF5F5F6B9FFEBF6F4B9DAB2B2