Candroid is a 50 point Mobile challenge in the NahamCon CTF. The challenge provides the candroid.apk file and the description "I think I can, I think I can!"
The challenge itself is actually really simple. Using an Android disassembler/decompiler (I personally use JEB), load the APK and wait for it to decompile and analyze.
The main package contains several classes, but the most interesting one is FlagActivity. Viewing the bytecode of that class actually straight up reveals that the flag is loaded from a string resource constant:

00000024 14 00 1C 00 0C 7F const v0, 0x7F0C001C
The key name is flag and it can also be found by browsing the strings.xml resource file.

Simple. Challenge solved.
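The same lookup done by hand, as an added example that is not part of the original writeup: it decodes the six instruction bytes shown above, splits the resource ID into its package/type/entry fields, and resolves the name. It assumes the APK was unpacked with apktool, which writes the ID-to-name table to res/values/public.xml; both XML snippets are constructed stand-ins and the flag value is a placeholder.

```python
import struct
import xml.etree.ElementTree as ET

# Bytes copied from the disassembly line on the page (offset 0x24).
INSN = bytes.fromhex("14001C000C7F")

# Constructed stand-ins for apktool's res/values/public.xml and strings.xml.
# The string value is a placeholder, not the real flag.
PUBLIC_XML = '<resources><public type="string" name="flag" id="0x7f0c001c" /></resources>'
STRINGS_XML = '<resources><string name="flag">flag{placeholder}</string></resources>'


def decode_const(insn):
    """Decode Dalvik `const vAA, #+BBBBBBBB` (opcode 0x14, format 31i)."""
    # Little-endian: opcode byte, register byte, then the 32-bit literal.
    opcode, reg, literal = struct.unpack("<BBI", insn)
    if opcode != 0x14:
        raise ValueError("not a const (0x14) instruction")
    return reg, literal


def split_resource_id(res_id):
    """Android resource IDs are laid out as 0xPPTTEEEE: package, type, entry."""
    return (res_id >> 24) & 0xFF, (res_id >> 16) & 0xFF, res_id & 0xFFFF


def resolve_string(res_id, public_xml, strings_xml):
    """Map a resource ID to (name, value) via public.xml, then strings.xml."""
    for pub in ET.fromstring(public_xml).iter("public"):
        if pub.get("type") == "string" and int(pub.get("id"), 16) == res_id:
            name = pub.get("name")
            for s in ET.fromstring(strings_xml).iter("string"):
                if s.get("name") == name:
                    return name, s.text
    return None


if __name__ == "__main__":
    reg, res_id = decode_const(INSN)
    pkg, typ, entry = split_resource_id(res_id)
    print(f"const v{reg}, 0x{res_id:08X} -> package 0x{pkg:02x}, type 0x{typ:02x}, entry 0x{entry:04x}")
    print(resolve_string(res_id, PUBLIC_XML, STRINGS_XML))
```

Package 0x7f is the application's own package, which is why any value an app keeps in its string resources can be read straight out of the APK.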