Reading Time : 2min
Crackme: challenge-one
Author: reoky
Difficulty: ?
Platform: Android
Language: java
Architecture: X86
Description by Author: A file will be created within the application's sandbox boundaries. You must extract its contents.
After Installation we are presented with this application
by running the application we are presented with this User Interface
we also have HINT and ABOUT Tabs
The hint window is telling us to use a “file browser " application but i was not successful with any application. So i will be using adb to extract our file.
The About tab shows information about author and application
I am using Android Studio AVD Emulator for this excercise. Let’s start by pressing Write File button The file will be created in application directory and button will be changed to Delete File
Now lets start digging for file
The file is located in a protected directory. to access that directory we need to use root permission we are going to use adb root command to access root permission
I found the file “ANSWER” in this location
# data/data/com.reoky.crackme.challengeone/files/ANSWER
lets pull this file using this command
$ adb pull data/data/com.reoky.crackme.challengeone/files/ANSWER /home/"Username"/Documents
i am using linux so my destination path is “/home/$USER/Documents”. use destination path according to your OS.
and this is what we found inside our file
poorly-protected-secret
lets try putting our secret flag
and by pressing “Check” button we get a pop up saying “You’ve completed this challenge!”