Install the given apk.
- Your task is to send an intent with action "dart_ctf".
- Pull the flag from the returned intent.
- Do not reverse the apk.
So what we need to do is to send an intent with action
First lets create a new android application.
Create New Project
Ensure its a
Java based project.
Lets create a new Intent under the
onCreate function. We can see that it accepts a string,
Following that, we are going to call
This basically tries to start that activity and expects a result. As multiple activities can be started, we have added a
requestCode to uniquely identify the activity result that we want. I just gave an arbitary number,
The above is how your code should now look like.
Now let's try running the app. This is what I get in my emulator.
The reason is because I have not installed the given apk into the emulator yet. Simply drag and drop it into the emulator to install the vulnerable
.apk package. Once installed, run your application again.
Great! Our application has successfully started an activity using the intent. But we have not configured the code to process the result.
Basically, we check our request code if equals to the one configured,
2, then extract out the dictionary keys. For each key, we print out to logcat the value. And we have got the flag!