Hello, dear friends, today I'll show you how to solve the OWASP UnCrackable Android Level 1 CTF (UnCrackable-Level1.apk).
First, we need to install the application in order to understand what it does and how it works:
- adb install UnCrackable-Level1.apk
When the app starts on the Genymotion emulator (whose images are rooted by default) it shows a root-detection dialog and exits. Interesting, so there is root detection; the next step is to open the APK in jadx and read the decompiled source.
Looking at MainActivity in jadx, the onCreate method performs the root-detection check, and the second method, verify, only checks whether the secret word entered by the user is correct. To bypass both checks I am going to modify the smali code, since apktool can rebuild an APK from patched smali.
- Disassemble the apk: java -jar apktool_2.4.0.jar d UnCrackable-Level1.apk
- cd UnCrackable-Level1/smali/sg/vantagepoint/uncrackable1 (apktool creates this directory in the current working directory)
- open MainActivity.smali
- delete the root-detection block, lines 55 to 93 in this apktool 2.4.0 output (the numbering depends on the apktool version, so locate the block by its content: it is the smali equivalent of the Java root-detection code we saw in jadx)
After that, we add a single instruction to get around the secret-word check. At line 134 (again, counted in this version's output) write:
- const-string p1, "secret"
Use straight double quotes: smali will not assemble a string literal written with curly quotes.
- rebuild the app: java -jar apktool_2.4.0.jar b UnCrackable-Level1 -o crack.apk
- generate a new key to sign the app (keytool prompts for a keystore password and the certificate's distinguished name; the alias crack is reused in the next step): keytool -genkey -v -keystore crack.keystore -alias crack -keyalg RSA -keysize 2048 -validity 10000
- sign the app: jarsigner -verbose -keystore crack.keystore crack.apk crack (jarsigner only produces a v1 JAR signature, which the Genymotion image used here accepts; a device or app on Android 11 / targetSdk 30 or later requires a v2 signature from apksigner instead)
- uninstall the original app from the Genymotion device before installing the new one. The rebuilt APK is signed with a different key, so Android refuses to install it over the original: adb uninstall sg.vantagepoint.uncrackable1
- adb install crack.apk
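The rebuild, sign and reinstall steps above, collected into one POSIX shell script. This is an added example for this writeup, not code from the original post or from the OWASP project. It assumes the decoded tree UnCrackable-Level1/ has already been patched, that apktool_2.4.0.jar sits in the current directory, that the JDK tools (java, keytool, jarsigner), the Android build-tools (zipalign, optionally apksigner) and adb are on PATH, and it uses an assumed throwaway password crackpass for the test key. It goes slightly beyond the post by preferring apksigner (v1+v2 signatures) when it is installed and falling back to jarsigner (v1 only) otherwise.

```shell
#!/bin/sh
# Rebuild, sign, align and reinstall the patched UnCrackable-Level1 APK.
# Added example for this writeup; assumptions listed in the lead-in above.
set -eu

SRC_DIR=${SRC_DIR:-UnCrackable-Level1}
OUT_APK=${OUT_APK:-crack.apk}
KEYSTORE=${KEYSTORE:-crack.keystore}
ALIAS=${ALIAS:-crack}
PASS=${PASS:-crackpass}          # assumed throwaway password for a test-only key
PKG=${PKG:-sg.vantagepoint.uncrackable1}
SIGNED_APK=${OUT_APK%.apk}-signed.apk

run_apktool() { java -jar apktool_2.4.0.jar "$@"; }

# Return 1 (with a message on stderr) if any named tool is missing from PATH.
require_tools() {
    for t in "$@"; do
        command -v "$t" >/dev/null 2>&1 || { echo "missing tool: $t" >&2; return 1; }
    done
    return 0
}

# apksigner produces v1+v2 signatures, which Android 11+ / targetSdk 30+ requires;
# jarsigner can only produce a v1 (JAR) signature.
pick_signer() {
    if command -v apksigner >/dev/null 2>&1; then echo apksigner; else echo jarsigner; fi
}

# Create the signing key once; -dname/-storepass make keytool non-interactive.
make_keystore() {
    [ -f "$KEYSTORE" ] && return 0
    keytool -genkey -v -keystore "$KEYSTORE" -alias "$ALIAS" -keyalg RSA -keysize 2048 \
        -validity 10000 -storepass "$PASS" -keypass "$PASS" -dname "CN=crack"
}

rebuild() { run_apktool b "$SRC_DIR" -o "$OUT_APK"; }

sign_apk() {
    case "$(pick_signer)" in
    apksigner)
        # Order matters: zipalign first, then apksigner (the v2 signature covers the aligned file).
        zipalign -f -p 4 "$OUT_APK" "${OUT_APK%.apk}-aligned.apk"
        apksigner sign --ks "$KEYSTORE" --ks-key-alias "$ALIAS" \
            --ks-pass "pass:$PASS" --key-pass "pass:$PASS" \
            --out "$SIGNED_APK" "${OUT_APK%.apk}-aligned.apk"
        apksigner verify --print-certs "$SIGNED_APK"
        ;;
    jarsigner)
        # v1 only: jarsigner first, then zipalign (aligning before signing would break the v1 digests).
        jarsigner -verbose -keystore "$KEYSTORE" -storepass "$PASS" \
            -sigalg SHA256withRSA -digestalg SHA-256 "$OUT_APK" "$ALIAS"
        zipalign -f -p 4 "$OUT_APK" "$SIGNED_APK"
        ;;
    esac
}

# The patched APK carries a different signing key than the original, so
# "adb install -r" fails with INSTALL_FAILED_UPDATE_INCOMPATIBLE; uninstall first.
reinstall() {
    adb uninstall "$PKG" >/dev/null 2>&1 || true
    adb install "$SIGNED_APK"
}

main() {
    require_tools java keytool zipalign adb
    rebuild
    make_keystore
    sign_apk
    reinstall
}

# Run the pipeline only when invoked with --run, so the file can also be sourced for its functions.
if [ "${1:-}" = "--run" ]; then
    main
fi
```

Run it as `sh rebuild_apk.sh --run` from the directory that contains apktool_2.4.0.jar and the patched UnCrackable-Level1/ tree. The uninstall step is the one people most often miss: reusing `adb install` on top of the original app fails because the signing certificate no longer matches.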
Fantastic, we have completed Android UnCrackable Level 1: the patched app no longer exits on the rooted emulator and the secret-word check is bypassed.