BackDoor 1: Walkthrough of NET-SQUARE Hacking Warm-Up Mobile Application Challenge
参加Capture-The-Flag活动,参与者需通过逆向工程工具(如apktool、jadx-gui)提取隐藏在移动应用中的用户名和密码。 2025-9-1 05:56:4 Author: infosecwriteups.com(查看原文) 阅读量:10 收藏

Saurabh Jain

Recently got an opportunity to participate in a CTF (Capture-The-Flag) event which was organized by NET-SQUARE. They had their different set of challenges with respect to Mobile, Web, Network, Source Code, and Thick/Thin Client. So, there were few quite interesting mobile application challenges and here we will be discussing one of them.

Note: Those who want to explore and want to try the challenges on their own before reading the walkthrough can access the applications from the GitHub repository. The application can be downloaded from [here]. Kindly share your experience with me in the comment box.

Challenge Description: The application hides username and password inside the application and we need to find the credentials using various tools and techniques to log in.

Tools Used :

adb : command line tool that lets you communicate with device

apktool : command line tool for reverse engineering android applications

jadx-gui : tool for producing Java source code from Android Dex and APK files

Android Studio : official Integrated Development Environment (IDE) for Android app development

Device : Android Device/Android Studio


文章来源: https://infosecwriteups.com/backdoor-1-walkthrough-of-net-square-hacking-warm-up-mobile-application-challenge-7433b8e1a482?source=rss----7b722bfd1b8d---4
如有侵权请联系:admin#unsafe.sh