Decrypt Key [Android APP] [No obfuscator]

Posted April 29, 20178 yr

Difficulty : ??? ( to be seed )

Language : Java , C++ (shared lib)

Platform : Android

OS Version : 4.1 or higher

Packer / Protector : none

VirusTotal : https://www.virustotal.com/it/file/5b8209bda95aae17a54f4c76eca3ae031d06b2ad2c1b3eef419fb71ea637ad94/analysis/1493482420/

Download : app-release.apk

1) What should I not do?

This challenge does not require to bypass the password input

2) what should I do?

This challenge asks to get the key wherever possible

3) Is the program in question copyright protected?

No, you can do what you want

4) The password has hashed? NO

5) Has the password been encrypted? Yes

Solved by crystalboy

April 30, 20178 yr

Go to solution

April 30, 20178 yr

Solution

Solved.
Here the step that i made to solve it.

Spoiler

Apart from the dirty serial chosen the level in my opinion is 3/10.

I choose the quick way to solve it:
1) Develop a quick application to sniff the signature of the original apk


public String getSignature()
{
	PackageManager pm = this.getPackageManager();
	PackageInfo pi = null;
	try 
	{
		pi = pm.getPackageInfo("windoz.crackme", PackageManager.GET_SIGNATURES);
	}
	catch (PackageManager.NameNotFoundException e1) 
	{
		e1.printStackTrace();
	}
	Signature[] s = pi.signatures;

	String sig = "";

	try {
		MessageDigest v0 = MessageDigest.getInstance("SHA");
		v0.update(s[0].toByteArray());
		String v1 = Base64.encodeToString(v0.digest(), 0);

		sig = md5(v1);
	} catch (Exception e) {
		e.printStackTrace();
	}

	return sig;
}

This give us the MD5 hash of the app signature: "7c4d08d09b241fcd39f3c76ad6e8a3f6"

- Create another application using the same package name "windoz.crackme"
- Import native lib in the project and call it. It will give us the key implemented in the native layer encoded in base64: "jiuLEylUcz8Uf9D9WpMooquanxkbMu1B1kcRTJn5C58="

- At this point we have all data to decrypt the correct serial.

April 30, 20178 yr

Author

53 minutes ago, crystalboy said:
Solved.
Here the step that i made to solve it.
Hide contents
Apart from the dirty serial chosen the level in my opinion is 3/10.

I choose the quick way to solve it:
1) Develop a quick application to sniff the signature of the original apk
public String getSignature()
{
	PackageManager pm = this.getPackageManager();
	PackageInfo pi = null;
	try 
	{
		pi = pm.getPackageInfo("windoz.crackme", PackageManager.GET_SIGNATURES);
	}
	catch (PackageManager.NameNotFoundException e1) 
	{
		e1.printStackTrace();
	}
	Signature[] s = pi.signatures;

	String sig = "";

	try {
		MessageDigest v0 = MessageDigest.getInstance("SHA");
		v0.update(s[0].toByteArray());
		String v1 = Base64.encodeToString(v0.digest(), 0);

		sig = md5(v1);
	} catch (Exception e) {
		e.printStackTrace();
	}

	return sig;
}
This give us the MD5 hash of the app signature: "7c4d08d09b241fcd39f3c76ad6e8a3f6"

- Create another application using the same package name "windoz.crackme"
- Import native lib in the project and call it. It will give us the key implemented in the native layer encoded in base64: "jiuLEylUcz8Uf9D9WpMooquanxkbMu1B1kcRTJn5C58="

- At this point we have all data to decrypt the correct serial.

GG 👍👍

Create an account or sign in to comment

https://forum.tuts4you.com/topic/39496-decrypt-key-android-app-no-obfuscator/

Followers

Go to topic listing

Sign In

Decrypt Key [Android APP] [No obfuscator]

Featured Replies

Solved by crystalboy

Create an account or sign in to comment

Account

Navigation

Search

Configure browser push notifications

Chrome (Android)

Chrome (Desktop)

Safari (iOS 16.4+)

Safari (macOS)

Edge (Android)

Edge (Desktop)

Firefox (Android)

Firefox (Desktop)