Deepapp

MediumMobile Security

Overview

You are given an Android application package (APK).

The application contains functionality that is not directly accessible during normal usage. Through careful analysis and interaction with the app, it is possible to reach restricted behavior that reveals the flag.

Your task is to analyze the APK and retrieve the flag.
Flag Format : Flag{}

Lab Details

Prerequisites & Requirements

Understanding of Android application fundamentals
Basic knowledge of Android security mechanisms (permissions, activities)
Familiarity with APK structure and decompilation
Experience with path traversal vulnerabilities
Knowledge of Smali code and ability to modify it
Understanding of Android deep links and intent filter

What will you learn?

How to analyze Android applications using JADX
Understanding signature-level permissions in Android
Exploiting path traversal vulnerabilities in Android deep links
Bypassing permission checks by modifying Smali code
Repackaging and signing modified Android applications
Using ADB to interact with Android applications
Extracting protected content from Android applications

Tools

JADX - For decompiling and analyzing the APK
APKTool - For disassembling and rebuilding the APK
Text Editor - For modifying manifest and Smali files
Zipalign - For optimizing the repackaged APK
Keytool - For generating a new signing certificate
APKSigner - For signing the modified APK
ADB (Android Debug Bridge) - For installing and interacting with the APK

Deepapp

Overview

Lab Details

Job Positions

Tags