Wednesday 29 January 2014

Nullcon HackIm 2014 Misc-2

Question : Tracked sam in level 1? Cool. But now you more details. His USB drive gave you a swf file. Now, think like level 1, but more like a pro, and find his email id.

Well Its simple as it looks..
Just a swf to xml will do the job..

Link : http://ctf.nullcon.net/data/2014/lev/misc/Level2.swf

I installed a software called swfmill
Command i used : swfmill.exe swf2xml Level2.swf Level2.xml

we get a error which is a hex code : %68%74%74%70%3a%2f%2f%62%69%74%2e%6c%79%2f%31%61%4c%49%59%76%57

after converting the hex to ascii we get a link http://bit.ly/1aLIYvW which is a apk file.

Now after a long time waiting for a apk reversing i got this :-)

First method is renaming it to rar and extracting the contents will give 1 folder and 3 files namely res,resources.arsc,classes.dex,AndroidManifest.xml

i got a email in about.xml and it was this research@foundstone.com  which was wrong.Now only thing left out was classes.dex i used dex2jar to convert classes.dex to a jar file so that i can use jar file to see the java files.
I used JD(Java Decompiler) to get the java files.I found the email in com-service->Loginservice
Email was : sam0908nlu771@gmail.com

FLAG : sam0908nlu771@gmail.com

No comments:

Post a Comment

enter valid comments.Suggestions are most welcome and would be interested in correcting my mistakes.