YALA (PART 1)

This is the fourth challenge from the Mobile section of DSO-NUS CTF 2021. The challenge needs us to brute force the password for the user.

Statement

Time to look at Yet Another Login App. Try to find the right credentials and login!

We are given an apk.

apk

Observation

First I decompile the apk using this website to get the source code in java.

http://www.javadecompilers.com/apk

Then by analyzing the source code we can find a file responsible for the login logic C0742d.java

Observe that the logic is just checking the password against a sha-256 hash

Solution

I need to find a value for str2 such that the hash is equal to 516b36ed915a70852daf6a06c7fd1a1451d8269a8b2c5ae97110bc77b083c420.

I tried reverse the sha-256 hash but found nothing.

So the next thing I do is to brute force the password with rockyou.txt . Hope that some weak password will produce the hash after added with ā€œ)(*&^%$#ā€.

I used the following code to find the password.

import hashlib

f = open('rockyou.txt',errors="ignore").read().split()
ans = "516b36ed915a70852daf6a06c7fd1a1451d8269a8b2c5ae97110bc77b083c420"

for i in f:
    m = hashlib.sha256()
    m.update(")(*&^%$#".encode())
    m.update(i.encode())
    if (m.hexdigest() == ans):
        print(i)

Thankfully, it found aeroplane as the password.

Now we can just generate the flag easily.

import java.security.MessageDigest;
import javax.crypto.Cipher;
import javax.crypto.spec.SecretKeySpec;

class Sol {

    public static final char[] f2784a = "0123456789ABCDEF".toCharArray();

    /* renamed from: a */
    public static byte[] m2369a(String str) {
        int length = str.length() / 2;
        byte[] bArr = new byte[length];
        for (int i = 0; i < length; i++) {
            int i2 = i * 2;
            bArr[i] = Integer.valueOf(str.substring(i2, i2 + 2), 16).byteValue();
        }
        return bArr;
    }

    /* renamed from: b */
    public static String m2370b(byte[] bArr) {
        char[] cArr = new char[(bArr.length * 2)];
        for (int i = 0; i < bArr.length; i++) {
            var b = (bArr[i] & 255);
            int i2 = i * 2;
            char[] cArr2 = f2784a;
            cArr[i2] = cArr2[b >>> 4];
            cArr[i2 + 1] = cArr2[b & 15];
        }
        return new String(cArr);
    }

    public static final String mo3707a(byte[] bArr) {
        byte[] a = m2369a("915FEF11402D050651818133ADFE98509249307131F7240173784135C136E27DDCF1C2898D405C18C7DE75CCD25C9CCF");
        try {
            SecretKeySpec secretKeySpec = new SecretKeySpec(bArr, "AES");
            Cipher instance = Cipher.getInstance("AES");
            instance.init(2, secretKeySpec);
            byte[] doFinal = instance.doFinal(a);
            if (doFinal[0] == 102 && doFinal[1] == 108 && doFinal[2] == 97 && doFinal[3] == 103) {
                return m2370b(doFinal);
            }
            return "00";
        } catch (Exception e) {
            e.printStackTrace();
            return "00";
        }
    }

    public static void main(String args[]) {
        String str = new String(new byte[]{(byte) (-1462734071 >>> 4), (byte) (-385552254 >>> 9), (byte) (1107918732 >>> 19), (byte) (-198649565 >>> 6), (byte) (728446419 >>> 19), (byte) (718529411 >>> 17), (byte) (-2089595746 >>> 19)});
        String str2 = "aeroplane";
        String str3 = str + ":" + str2;
        try {
            MessageDigest instance2 = MessageDigest.getInstance("SHA-256");
            instance2.update(str3.getBytes());
            byte[] digest = instance2.digest();
            System.out.println("CONGRATS! The 1st flag is " + mo3707a(digest));
        } catch (Exception e){

        }
        
    }
}

flag : DSO-NUS{4c7863c34040f76ffbea3f8341370db4e2c0c9bc110bc9755cd4801c54acb0af}

Updated: