mobilemedium

Jigsaw

hackthebox

Task: Decrypt a flag from a Flutter Android APK where the AES-256-CBC key is split across three layers. Solution: Extract Dart source from kernel_blob.bin (debug build), decompile Java/Kotlin from classes3.dex accounting for Java signed arithmetic shift, disassemble native libmenascyber.so for unsigned XOR+ROR, combine all three key parts to decrypt the flag.

$ ls tags/ techniques/
reverse_engineeringandroidapkaeskotlinmulti_layerflutterdartnative_library
flutter_debug_kernel_blob_extractionjava_arithmetic_shift_rornative_so_disassemblyaes_cbc_decryptionmulti_layer_key_assembly
🔒

Permission denied (requires tier.pro)

Sign in to access full writeups

Create a free account with GitHub, then upgrade to Pro.

$ssh [email protected]