CTFtime.org

Blink

by maskofmydisguise / Abs0lut3Pwn4g3

Tags: forensics base64 apktools mobile android 

Rating:

Orignal writeup: [here!](https://www.abs0lut3pwn4g3.cf/writeups/2019/03/05/bsides-ctf-Blink.html)

Blink

Description

Get past the Jedi mind trick to find the flag you are looking for.

We are provided with a blind.apk file.

On installing the app on a mobile, we see this:

![mobile ss](https://raw.githubusercontent.com/Eshaan7/BSidesSF_CTF_2019_datadumps/master/50_blink_COMPLETE/appMobileSS.png)
Then I used apktool to decompile it.

apktool d blink.apk

Going into the smali folder created by apktool

blink/smali/com/example/blink

There’s a `r2d2.smali` file. Inside there’s a string of base64 encoded image.

![r2d2.smali](https://raw.githubusercontent.com/Eshaan7/BSidesSF_CTF_2019_datadumps/master/50_blink_COMPLETE/r2d2img.png)

I saved the string to `blink_r2d2.txt`

cat blink_r2d2.txt | base64 -d > flag.png

On decoding the base64 string, and we get an image and the flag.

![flag.jpg](https://raw.githubusercontent.com/Eshaan7/BSidesSF_CTF_2019_datadumps/master/50_blink_COMPLETE/flag.jpg)

Original writeup (https://www.abs0lut3pwn4g3.cf/writeups/2019/03/05/bsides-ctf-Blink.html).

Comments