Candroid is a 50 point Mobile challenge in the NahamCon CTF. The challenge provides the
candroid.apkfile and the description
I think I can, I think I can!
The challenge itself is actually really simple. Using an android disassembler/decompiler (I personally use JEB), load the APK and wait for it to decompile and analyze.
The main package contains several classes, but the most interesting one is the
FlagActivity. Viewing the bytecode of that class actually straight up reveals that the flag is loaded from a string resource constant
00000024 14 00 1C 00 0C 7F const v0, 0x7F0C001C
The key name is
flagand it can also be found by browsing the
Simple. Challenge solved.