Official discussion thread for Investigator. Please do not post any spoilers or big hints.
Any clue ? Basic Knowledge required? I mean, I find what i want, but, not sure what to do with it
I found flag, but it is not accepted and it is not 100% compatible with flag format ( contains some additional spaces). I tried to modify it a little bit to match flag format but no success.
I finally got it, manipulation is pretty simple.
Knowledge you will need to learn, i mean you will learn during that challenge.
Where and how lockscreen password are stored in android.
Recognize hashes and crack them.
Extract a android back up file.
Find how and where backup encrypted file are stored for the specific app.
If you have any question feel free to dm !
Nice challenge, thanks InFeRnOo !
nice challenge! message if you need help
I have the same situation as keeper772. Don’t know what I must do with it.
Solved!
I will share the tricks:
- You need to understand how passwords are stored in Android (device_policies.xml).
- If you use Hashcat, remember to change the mask (you need to).
- For the app that contains the flag, you can find a tool on GitHub
PM me
Could you please help with a little hint? I found a HEX text named pass.key, but I can’t decode this string, I think I’m going the wrong way, as far as I understand I need to decrypt the encrypted backup of the device. And the decryption key is somewhere visible.