CB
Uploaded byChandrapal Badshah
PPTX, PDF639 views

Solving OWASP MSTG CrackMe using Frida

The document discusses solving the OWASP MSTG CrackMe Level 01 challenge using Frida and outlines the tools required, including Genymotion and Frida. It presents methods for bypassing root and debug detection and finding a secret within the app by hooking various functions. The document concludes with an invitation to engage with the content and offers help for any questions.

Embed presentation

Downloaded 11 times
Solving OWASP MSTG CrackMe using Frida Level 01 Chandrapal Badshah
Tools required 1. Genymotion Android Emulator (AVD also works) 2. Android Platform Tools - adb 3. Frida 4. OWASP MSTG CrackMe Level 01 apk file 5. Jadx-GUI Links given below in the description
Before we jump into solving the challenge, let’s see what’s the challenge
The Challenge
Why not static analysis ?
Let’s see a demo and dive into the code
Challenge 1.1 - Bypass the root & debug detection Please pause the video and think of a way to bypass it
Multiple ways to bypass this ● Hook each function c.a() , c.b() , c.c() and b.a() and return false.
Multiple ways to bypass this ● Hook each function c.a() , c.b() , c.c() and b.a() and return false. ● Hook the function a() and change the implementation of it.
Multiple ways to bypass this ● Hook each function c.a() , c.b() , c.c() and b.a() and return false. ● Hook the function a() and change the implementation of it. ● Hook the onClickListener() function of the button and change its implementation.
Multiple ways to bypass this ● Hook each function c.a() , c.b() , c.c() and b.a() and return false. ● Hook the function a() and change the implementation of it. ● Hook the onClickListener() function of the button and change its implementation. ● Hook the java.lang.System class and change exit() function’s implementation.
Multiple ways to bypass this ● Hook each function c.a() , c.b() , c.c() and b.a() and return false. ● Hook the function a() and change the implementation of it. ● Hook the onClickListener() function of the button and change its implementation. ● Hook the java.lang.System class and change exit() function’s implementation.
Let’s do it !
Challenge 1.2 - Find the secret
Challenge 1.2 - Find the secret
Challenge 1.2 - Find the secret
Let’s crack the challenge !
Finally, we solved the challenge !
PLEASE DON’T FORGET TO HIT THE LIKE BUTTON. FOR MORE VIDEOS, PLEASE SUBSCRIBE TO MY CHANNEL. IF YOU HAVE ANY DOUBTS PLEASE LEAVE IT IN THE COMMENTS SECTION.
THANKS FOR WATCHING

More Related Content

PPTX
Pentesting Android Apps using Frida (Beginners)
byChandrapal Badshah
 
DOC
Beats
bySarah Promislow
 
PPTX
Dangling DNS records takeover at scale
byChandrapal Badshah
 
PDF
Detecting secrets in code committed to gitlab (in real time)
byChandrapal Badshah
 
PDF
How to get started in InfoSec ?
byChandrapal Badshah
 
PPTX
OSINT mindset to protect your organization - Null monthly meet version
byChandrapal Badshah
 
PPTX
OSINT Mindset to protect your Organization
byChandrapal Badshah
 
PPTX
OWASP Serverless Top 10
byChandrapal Badshah
 
Pentesting Android Apps using Frida (Beginners)
byChandrapal Badshah
 
Beats
bySarah Promislow
 
Dangling DNS records takeover at scale
byChandrapal Badshah
 
Detecting secrets in code committed to gitlab (in real time)
byChandrapal Badshah
 
How to get started in InfoSec ?
byChandrapal Badshah
 
OSINT mindset to protect your organization - Null monthly meet version
byChandrapal Badshah
 
OSINT Mindset to protect your Organization
byChandrapal Badshah
 
OWASP Serverless Top 10
byChandrapal Badshah
 

Recently uploaded

PDF
Data structure using C :UNIT-I Introduction to Data structures and Stacks BCA...
byKuvempu University
 
PDF
Here’s the case study that shows how companies lose ₹2–6 Cr annually due to m...
bysiddhantdazzlo
 
PDF
Cybersecurity Alert- What Organisations Must Watch Out For This Christmas Fes...
byCybernetic Global Intelligence
 
PPTX
Modern Claims Automation Solutions for Operational Agility
byInsurance Tech Services
 
PPTX
Reimagining Service with AI Voice Agents | Webinar
byCEPTES Software
 
PDF
Ch2 -ENG.pdf COMPUTER ARCHITECTURE L2 INFO
byrogase8895
 
PDF
Digitizing Banquet Management_ Why It Matters for Modern Hotels.pdf
byHotelogix
 
PDF
Red Hat Summit 2025 - Triton GPU Kernel programming.pdf
bySanjeev Rampal
 
PDF
Combinatorial Interview Problems with Backtracking Solutions - From Imperativ...
byPhilip Schwarz
 
PPTX
Binance Smart Chain Development Guide.pptx
bylakshubadai
 
PDF
Blueprint to build quality before the code exists - StackConnect Milan 2025
byLudovicoBesana1
 
PPTX
Lecture 3 - Scheduling - Operating System
bynurulalomador
 
PDF
API_SECURITY CONSULTANCY SERVICES IN USA
bydavidjohansen1597
 
PDF
Advanced Prompt Engineering: The Art and Science
byMaxim Salnikov
 
PDF
Why Zoho Notebook’s AI-Fueled Upgrade Matters for Knowledge Workers in 2026
byEvoluz Global Solutions
 
PDF
Operating System (OS) :UNIT-I Introduction to Operating System BCA SEP SEM-II...
byKuvempu University
 
PDF
Transforming Compliance Through Policy & Procedure Management
byInsurance Tech Services
 
PPTX
application security presentation 2 by harman
byharmanideapad
 
PDF
Cloud-Based Underwriting Software for Insurance
byInsurance Tech Services
 
PDF
Navigating SEC Regulations for Crypto Exchanges Preparing for a Compliant Fut...
byzak jasper
 
Data structure using C :UNIT-I Introduction to Data structures and Stacks BCA...
byKuvempu University
 
Here’s the case study that shows how companies lose ₹2–6 Cr annually due to m...
bysiddhantdazzlo
 
Cybersecurity Alert- What Organisations Must Watch Out For This Christmas Fes...
byCybernetic Global Intelligence
 
Modern Claims Automation Solutions for Operational Agility
byInsurance Tech Services
 
Reimagining Service with AI Voice Agents | Webinar
byCEPTES Software
 
Ch2 -ENG.pdf COMPUTER ARCHITECTURE L2 INFO
byrogase8895
 
Digitizing Banquet Management_ Why It Matters for Modern Hotels.pdf
byHotelogix
 
Red Hat Summit 2025 - Triton GPU Kernel programming.pdf
bySanjeev Rampal
 
Combinatorial Interview Problems with Backtracking Solutions - From Imperativ...
byPhilip Schwarz
 
Binance Smart Chain Development Guide.pptx
bylakshubadai
 
Blueprint to build quality before the code exists - StackConnect Milan 2025
byLudovicoBesana1
 
Lecture 3 - Scheduling - Operating System
bynurulalomador
 
API_SECURITY CONSULTANCY SERVICES IN USA
bydavidjohansen1597
 
Advanced Prompt Engineering: The Art and Science
byMaxim Salnikov
 
Why Zoho Notebook’s AI-Fueled Upgrade Matters for Knowledge Workers in 2026
byEvoluz Global Solutions
 
Operating System (OS) :UNIT-I Introduction to Operating System BCA SEP SEM-II...
byKuvempu University
 
Transforming Compliance Through Policy & Procedure Management
byInsurance Tech Services
 
application security presentation 2 by harman
byharmanideapad
 
Cloud-Based Underwriting Software for Insurance
byInsurance Tech Services
 
Navigating SEC Regulations for Crypto Exchanges Preparing for a Compliant Fut...
byzak jasper
 

Featured

PDF
2024 Trend Updates: What Really Works In SEO & Content Marketing
bySearch Engine Journal
 
PDF
Storytelling For The Web: Integrate Storytelling in your Design Process
byChiara Aliotta
 
PDF
Artificial Intelligence, Data and Competition – SCHREPEL – June 2024 OECD dis...
byOECD Directorate for Financial and Enterprise Affairs
 
PDF
How to Leverage AI to Boost Employee Wellness - Lydia Di Francesco - SocialHR...
bySocialHRCamp
 
PDF
2024 State of Marketing Report – by Hubspot
byMarius Sescu
 
PDF
Everything You Need To Know About ChatGPT
byExpeed Software
 
PDF
Product Design Trends in 2024 | Teenage Engineerings
byPixeldarts
 
PDF
How Race, Age and Gender Shape Attitudes Towards Mental Health
byThinkNow
 
PDF
AI Trends in Creative Operations 2024 by Artwork Flow.pdf
bymarketingartwork
 
PDF
Skeleton Culture Code
bySkeleton Technologies
 
PDF
PEPSICO Presentation to CAGNY Conference Feb 2024
byNeil Kimberley
 
PDF
Content Methodology: A Best Practices Report (Webinar)
bycontently
 
PPTX
How to Prepare For a Successful Job Search for 2024
byAlbert Qian
 
PDF
Social Media Marketing Trends 2024 // The Global Indie Insights
byKurio // The Social Media Age(ncy)
 
PDF
Trends In Paid Search: Navigating The Digital Landscape In 2024
bySearch Engine Journal
 
PDF
5 Public speaking tips from TED - Visualized summary
bySpeakerHub
 
PDF
ChatGPT and the Future of Work - Clark Boyd
byClark Boyd
 
PDF
Getting into the tech field. what next
byTessa Mero
 
PDF
Google's Just Not That Into You: Understanding Core Updates & Search Intent
byLily Ray
 
PDF
How to have difficult conversations
byRajiv Jayarajah, MAppComm, ACC
 
2024 Trend Updates: What Really Works In SEO & Content Marketing
bySearch Engine Journal
 
Storytelling For The Web: Integrate Storytelling in your Design Process
byChiara Aliotta
 
Artificial Intelligence, Data and Competition – SCHREPEL – June 2024 OECD dis...
byOECD Directorate for Financial and Enterprise Affairs
 
How to Leverage AI to Boost Employee Wellness - Lydia Di Francesco - SocialHR...
bySocialHRCamp
 
2024 State of Marketing Report – by Hubspot
byMarius Sescu
 
Everything You Need To Know About ChatGPT
byExpeed Software
 
Product Design Trends in 2024 | Teenage Engineerings
byPixeldarts
 
How Race, Age and Gender Shape Attitudes Towards Mental Health
byThinkNow
 
AI Trends in Creative Operations 2024 by Artwork Flow.pdf
bymarketingartwork
 
Skeleton Culture Code
bySkeleton Technologies
 
PEPSICO Presentation to CAGNY Conference Feb 2024
byNeil Kimberley
 
Content Methodology: A Best Practices Report (Webinar)
bycontently
 
How to Prepare For a Successful Job Search for 2024
byAlbert Qian
 
Social Media Marketing Trends 2024 // The Global Indie Insights
byKurio // The Social Media Age(ncy)
 
Trends In Paid Search: Navigating The Digital Landscape In 2024
bySearch Engine Journal
 
5 Public speaking tips from TED - Visualized summary
bySpeakerHub
 
ChatGPT and the Future of Work - Clark Boyd
byClark Boyd
 
Getting into the tech field. what next
byTessa Mero
 
Google's Just Not That Into You: Understanding Core Updates & Search Intent
byLily Ray
 
How to have difficult conversations
byRajiv Jayarajah, MAppComm, ACC
 

Solving OWASP MSTG CrackMe using Frida

  • 1.
    Solving OWASP MSTG CrackMeusing Frida Level 01 Chandrapal Badshah
  • 2.
    Tools required 1. GenymotionAndroid Emulator (AVD also works) 2. Android Platform Tools - adb 3. Frida 4. OWASP MSTG CrackMe Level 01 apk file 5. Jadx-GUI Links given below in the description
  • 3.
    Before we jumpinto solving the challenge, let’s see what’s the challenge
  • 4.
  • 5.
    Why not staticanalysis ?
  • 6.
    Let’s see ademo and dive into the code
  • 7.
    Challenge 1.1 -Bypass the root & debug detection Please pause the video and think of a way to bypass it
  • 8.
    Multiple ways tobypass this ● Hook each function c.a() , c.b() , c.c() and b.a() and return false.
  • 9.
    Multiple ways tobypass this ● Hook each function c.a() , c.b() , c.c() and b.a() and return false. ● Hook the function a() and change the implementation of it.
  • 10.
    Multiple ways tobypass this ● Hook each function c.a() , c.b() , c.c() and b.a() and return false. ● Hook the function a() and change the implementation of it. ● Hook the onClickListener() function of the button and change its implementation.
  • 11.
    Multiple ways tobypass this ● Hook each function c.a() , c.b() , c.c() and b.a() and return false. ● Hook the function a() and change the implementation of it. ● Hook the onClickListener() function of the button and change its implementation. ● Hook the java.lang.System class and change exit() function’s implementation.
  • 12.
    Multiple ways tobypass this ● Hook each function c.a() , c.b() , c.c() and b.a() and return false. ● Hook the function a() and change the implementation of it. ● Hook the onClickListener() function of the button and change its implementation. ● Hook the java.lang.System class and change exit() function’s implementation.
  • 13.
  • 14.
    Challenge 1.2 -Find the secret
  • 15.
    Challenge 1.2 -Find the secret
  • 16.
    Challenge 1.2 -Find the secret
  • 17.
    Let’s crack thechallenge !
  • 18.
    Finally, we solvedthe challenge !
  • 19.
    PLEASE DON’T FORGETTO HIT THE LIKE BUTTON. FOR MORE VIDEOS, PLEASE SUBSCRIBE TO MY CHANNEL. IF YOU HAVE ANY DOUBTS PLEASE LEAVE IT IN THE COMMENTS SECTION.
  • 20.