Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/tlamb96/kgb_messenger

An Android CTF practice challenge
https://github.com/tlamb96/kgb_messenger

Last synced: about 1 month ago
JSON representation

An Android CTF practice challenge

Host: GitHub
URL: https://github.com/tlamb96/kgb_messenger
Owner: tlamb96
Created: 2018-04-06T05:22:26.000Z (over 6 years ago)
Default Branch: master
Last Pushed: 2019-07-04T23:46:20.000Z (over 5 years ago)
Last Synced: 2024-08-01T13:26:36.128Z (4 months ago)
Language: Java
Homepage:
Size: 4.07 MB
Stars: 108
Watchers: 4
Forks: 16
Open Issues: 0
Metadata Files:
- Readme: README.md

Awesome Lists containing this project

awesome-mobile-CTF - KGB Messenger
Awesome-Android-Reverse-Engineering - KGB Messenger - KGB Messenger is an open source CTF practice challenge that aims to help people learn how to reverse engineer Android applications. (CTFs and CrackMes / Case Studies)
awesome-hacking-lists - tlamb96/kgb_messenger - An Android CTF practice challenge (Java)

README

# KGB Messenger

[APK Download](https://drive.google.com/file/d/14hXB4vXoEk6l-RGJh5B5XRwNhYr1b9bm/view) \| [Video Lecture](https://youtu.be/m9UZnWLLurY) \| [Video Walkthrough](https://youtu.be/ddxhuz1bmj4) \| [MasonCC](https://competitivecyber.club/)

## Introduction
KGB Messenger is a open source CTF practice challenge that aims to help people learn how to reverse engineer Android applications. If you're completely new to Android application reverse engineering, I'd suggest you start by watching the video lecture from George Mason University's MasonCC club. If you're stuck on any of the challenges, feel free to peek at the video walkthrough for some help. Timestamps have been provided in the walkthrough video's description to prevent unwanted spoilers. To get started, download the APK and read the challenge descriptions below.

# Challenges
You are working for the International Secret Intelligence Service as a reverse engineer. This morning your team lead assigned you to inspect an Android application found on the phone of a misbehaving agent. It’s rumored that the misbehaving agent, Sterling Archer, has been in contact with some KGB spies. Your job is to reverse engineer the application to verify the rumor.

The challenges should be solved sequentially. The flag format is FLAG{insert_flag_here}. Good luck!

## Alerts (Medium)
The app keeps giving us these pesky alerts when we start the app. We should investigate.

## Login (Easy)
This is a recon challenge. All characters in the password are lowercase.

## Social Engineering (Hard)
It looks like someone is bad at keeping secrets. They're probably susceptible to social engineering... what should I say?