Navegando por
Categoría: Reversing

IceCTF – Poke a Mango

IceCTF – Poke a Mango

This  test provides us an APK file through this link, called pokeamango.apk.   Analysis This android application is similar to Pokemon GO, it’s about capturing mangoes, to be able to buy the flag once you have 151 captured. Analyzing the apk with jadx-gui, you can see the requests that we need. A first request lists the «mangoes» that we have nearby:   REQUEST: POST /mango/list HTTP/1.1 Host: pokeamango.vuln.icec.tf Content-Length: 51 Accept: */* Origin: file:// User-Agent: Mozilla/5.0 (Linux; Android 7.1.1; Custom Tablet…

Leer más Leer más

Codegate CTF 2018 Preliminary – Welcome to droid

Codegate CTF 2018 Preliminary – Welcome to droid

This  test provides us an APK file through this link, called droid.apk. Analysis The first thing we do is install it on a genymotion android virtual machine, and execute it:   If we click next, pass to following challenge:   At this stage, if we click, it returns an error message. Then, we open it with jadx-gui  and analyze it. We see that there are several classes in the com.example.puing.a2018codegatepackage: These classes give us a hint as to the order in which…

Leer más Leer más

NullCon CTF: Reverse Level 5 (500 points)

NullCon CTF: Reverse Level 5 (500 points)

The first thing I did was making a static analysis. When you open the executable with IDA Pro, the first thing you see is the WinMain function: Analyzing the first function of WinMain (Sub_401250), you can see that it contains anti-debug mechanisms, so when the program is run, it will have put a break point and change EIP value for skip this function: Once I saw what the first function did, I went to the second function of WinMain (sub_401110), the first thing…

Leer más Leer más