Pragyan CTF 2015: Fast and Furious
Category: Android
Points: 100
Solves 69
Description:
fast.apk
Write-up
by polym
After decompiling the fast.apk application file, we detect a hardcoded string, 65544231587a52794d3138316458417a636c396d4e44553343673d3d , in Main.java .
Converting this Hex string to an ASCII string, we get eTB1XzRyM181dXAzcl9mNDU3Cg= , which is a base64 encoded string.
Base64 Decoding this string results in the flag:
$ base64 --decode <<< 'eTB1XzRyM181dXAzcl9mNDU3Cg='
y0u_4r3_5up3r_f457
The flag is y0u_4r3_5up3r_f457 .
Other write-ups and resources
# 注册
public static String a(String paramString) {
StringBuilder stringBuilder = new StringBuilder();
for (byte b = 0; b < paramString.length(); b += 2)
stringBuilder.append((char)Integer.parseInt(paramString.substring(b, b + 2), 16));
return stringBuilder.toString();
}
public static void main(String[] args) {
System.out.println("Hello JAVA");
String str = a("65544231587a52794d3138316458417a636c396d4e44553343673d3d");
System.out.println(str);
}
返回值是:
eTB1XzRyM181dXAzcl9mNDU3Cg==
解密这串base64就是了 |