Rooted!
Nice box 
Enjoy htb!
So Iâm not sure that many people know this but ⊠hopefully this isnât marked as a spoiler âŠ
Android Studio has a built in emulator that works on all platforms. Whenever its emulated, you can also use adb to overwrite files, install apps, or do anything you want.
Also ⊠the connection issue could be related to DNS
Hope this helps someone!
I can easily get the user, but I canât get the shell, any tips?
Maybe there are some connections restrictions. Use what you know that can surely work
Having trouble connecting, showing me âUnable to connect to server!â error despite being able to open the web and ping the address, tried switching emulators but no luck. any clue on whatâs wrong?
Thanks.
Follow these instructions to get anbox working on Debian or ParrotOS Pwnbox
This is not a easy box, this must stop !
Pls real qualify machines
This is very weirdâŠ
I get âUnable to Connect to Serverâ while clicking on âCheck Statusâ 
All I can say is that the SDK version used to load the emulator definitively matters! I was having a hard time to intercept the request from the a**, but after changing the SDK version (and just that), Burp got it immediately.
I realized that just now after noticing people using Anbox that has officialy available versions up to 8.1 only, but thank you very much for the tip!! Giving you respect on htb 
It seems the app isnât making a secure request, so cert pinning isnât even needed. Earlier versions do not approve of this behaviour. It would be awesome if the author exported the app with certificate pinning, as every modern app does so⊠Frida would be needed here.
installed anbox, still canât manage to get the app to connect. ip address and web are still accessible from the device tho, so far iâve tried genymotion and android studio with no luck 
Like a lot of other people on here I can get the app to run in an emulator (Android Studio) but it wonât connect to the server (unable to connet to server). However from a browser within the emulator I can connect to the server via both IP address and routerspace.htb name. If anyone has come across this and solved it, a nudge would be appreciated. I have noticed IPv6 DNS queries flying around but I donât think thatâs the problem (I hope).
This is a very nice box to play with. 
FOOTHOLD: Obvious. Play with your .apk, see whatâs going on.
USER: Reverse shells not working? Check who you are, try to write to that special file inside the special hidden directory in p**lâs home.
ROOT: Recent CVE. âWhatâs the magic word to get what you want?â
Hey there, i had the same issue, it took me a while for using an emulator.
For those using the emulator, with the web browser working properly, but still getting the âUnable to connect to server!â do this (Not needed if using a network bridge on virtualbox):
./adb root
./adb remount
./adb pull /system/etc/hosts
nano hosts
â add line to file:
10.10.11.148 routerspace.htb
Finally:
./adb push ./hosts /system/etc/hosts
If you use an emulator it wonât use the /etc/hosts from host, and if like me you use dnsmasq, youâll notice you have to disable dnsmasq .
If this worked, please give me a little respect on my htb profile
It would be much cooler if the author used cert pinning.
Hey there, see my response to rx80, if you try with the emulator.
If the tip worked, please give me a little respect on my htb profile . Thanks!
if it werenât your hints I would be smashing my head on the wall⊠thank you man! kudos for the hints! #rooted
plz give some nudges for root
Classic enumeration tools should point you in the right directions