Big The bank

Easy | Mobile Security

Overview

SCENARIO

A forensic image of a bank administrator's mobile device has been acquired, but the most critical data appears to be locked behind a custom encryption layer. The application, com.example.bigthebank, uses a non-standard storage mechanism: instead of relying solely on the Android Keystore, it programmatically encrypts its Shared Preferences into a file with a .esh extension.

Initial analysis shows that while the encryption routine is complex—involving multiple rounds of hashing and iterative AES transformations—the underlying key derivation logic relies on a small, predictable seed. Your mission is to reverse-engineer the APK, identify the flaws in the "15-round" encryption algorithm, and develop a decryption tool to recover the administrator's plain-text credentials.

OBJECTIVE

Decompile the provided APK using jadx-gui to map out the shared_preferences_handler logic. Identify how the encryption key is derived from a 3-byte hash seed. Use the provided .ab backup and the .esh file to brute-force the initial key state, reverse the 15 rounds of encryption, and extract the username and password from the resulting XML.

Infrastructure: Downloadable archive

Provided Files: bigthebank.tar.gz (contains backup.ab and com.example.bigthebank.apk)

Flag Format: Flag{username:password}

Job Positions

Application Security Engineer

Tags

Android, Mobile Penetration Testing, Reverse Engineering, Insecure Data Storage, Apk Analysis