My Adb
EasyMobile Security
Overview
The app uses the pass file as a form of authentication, internally referencing it as VorWgKIheG from the package's context files directory. If the correct file is provided, the app will generate a new file called to_upload.pdf. In addition, there's a button within the app that must be clicked 1,000 times. Once this is done, a pass value will be logged. To obtain the flag, compute the SHA-256 hash of the to_upload.pdf file and combine it with a secret. Note: This challenge must be solved using only ADB.
Flag Format: Flag{sha256(to_upload.pdf)|secret}
Lab Details
Prerequisites & Requirements
- Basic familiarity with mobile device debugging.
- Basic Android system and application knowledge.
- Basic command-line skills.
What will you learn?
- How to interact with Android apps using debugging tools.
- Automating repetitive tasks on a mobile device.
- Extracting hidden information from application logs.
- Managing app data files on Android devices.
- Utilized ADB
Tools
- ADB
- Linux
- Android Emulator
Job Positions
Penetration Tester
Tags
AndroidAdb ShellApk AnalysisMobile Penetration TestingInsecure Data StorageRuntime Analysis