NahamCon – Mobile – Candroid Writeup

Candroid is a 50-point Mobile challenge in the NahamCon CTF. The challenge provides the candroid.apk file and the description "I think I can, I think I can!"
The challenge itself is actually really simple. Using an Android disassembler/decompiler (I personally use JEB), load the APK and wait for it to decompile and analyze.
The main package contains several classes, but the most interesting one is the FlagActivity. Viewing the bytecode of that class actually straight up reveals that the flag is loaded from a string resource constant:

    00000024  14 00 1C 00 0C 7F  const v0, 0x7F0C001C

The key name is flag, and it can also be found by browsing the strings.xml resource file.
Simple. Challenge solved.
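
To show how the raw bytes 14 00 1C 00 0C 7F in the listing become const v0, 0x7F0C001C, and how that value splits into an Android resource ID, here is an added example (not part of the original writeup or JEB's output). The function names are hypothetical, it also handles the other const variants beyond the one shown above, and which type ID means "string" is specific to each APK's resource table.

```python
import struct

# Dalvik "const" family: opcode -> (mnemonic, instruction length in bytes)
CONST_OPS = {
    0x12: ("const/4", 2),
    0x13: ("const/16", 4),
    0x14: ("const", 6),
    0x15: ("const/high16", 4),
}

def decode_const(raw: bytes):
    """Decode one Dalvik const instruction; return (mnemonic, register, value)."""
    if not raw or raw[0] not in CONST_OPS:
        raise ValueError("not a const/4, const/16, const or const/high16 instruction")
    name, size = CONST_OPS[raw[0]]
    if len(raw) < size:
        raise ValueError(f"{name} needs {size} bytes, got {len(raw)}")
    op = raw[0]
    if op == 0x12:                      # format 11n: B|A|op, B is a signed nibble
        reg = raw[1] & 0x0F
        value = raw[1] >> 4
        if value >= 8:
            value -= 16
    elif op == 0x13:                    # format 21s: AA|op BBBB (signed 16-bit)
        reg = raw[1]
        (value,) = struct.unpack_from("<h", raw, 2)
    elif op == 0x14:                    # format 31i: AA|op BBBBlo BBBBhi, read unsigned for display
        reg = raw[1]
        (value,) = struct.unpack_from("<I", raw, 2)
    else:                               # format 21h: AA|op BBBB, value = BBBB << 16
        reg = raw[1]
        (hi,) = struct.unpack_from("<H", raw, 2)
        value = hi << 16
    return name, reg, value

def split_resource_id(res_id: int):
    """Split a 0xPPTTEEEE Android resource ID into (package, type, entry)."""
    return (res_id >> 24) & 0xFF, (res_id >> 16) & 0xFF, res_id & 0xFFFF

def describe(hex_bytes: str) -> str:
    """Render an instruction and the resource-ID fields of its literal."""
    name, reg, value = decode_const(bytes.fromhex(hex_bytes))
    pkg, typ, entry = split_resource_id(value & 0xFFFFFFFF)
    return (f"{name} v{reg}, 0x{value & 0xFFFFFFFF:08X} "
            f"(package=0x{pkg:02X} type=0x{typ:02X} entry=0x{entry:04X})")

if __name__ == "__main__":
    # Bytes taken from the FlagActivity listing above.
    print(describe("14 00 1C 00 0C 7F"))
```

Package 0x7F is the application's own package, so the literal points at an entry in the APK's own resource table, which is why the same value can be found through strings.xml.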
