Official Investigator Discussion

system · November 18, 2022, 8:00pm

Official discussion thread for Investigator. Please do not post any spoilers or big hints.

Onibi · November 29, 2022, 11:55pm

Any clue ? Basic Knowledge required? I mean, I find what i want, but, not sure what to do with it

keeper772 · December 23, 2022, 9:28am

I found flag, but it is not accepted and it is not 100% compatible with flag format ( contains some additional spaces). I tried to modify it a little bit to match flag format but no success.

Onibi · December 27, 2022, 4:36am

I finally got it, manipulation is pretty simple.

Knowledge you will need to learn, i mean you will learn during that challenge.

Where and how lockscreen password are stored in android.
Recognize hashes and crack them.
Extract a android back up file.
Find how and where backup encrypted file are stored for the specific app.

If you have any question feel free to dm !

sh4d0wless · February 1, 2023, 7:49pm

Nice challenge, thanks @Onibi and @aris for their helps about cracking tool

cdoisponto · May 11, 2023, 1:33am

Nice challenge, thanks InFeRnOo !

dug9898 · June 7, 2023, 9:22pm

nice challenge! message if you need help

turroputto · July 6, 2023, 6:30pm

I have the same situation as keeper772. Don’t know what I must do with it.

r00d · March 10, 2024, 4:19pm

Solved!

I will share the tricks:

You need to understand how passwords are stored in Android (device_policies.xml).
If you use Hashcat, remember to change the mask (you need to).
For the app that contains the flag, you can find a tool on GitHub

PM me