Please Note: All 4 Challenges can be solved using Android emulator and common reverse engineering tools.

Don’t miss out on your chance to win up to $1,000 cash with our brand new Mobile CTF Challenge! For every flag you find, take a screenshot and send an email to ryan.fahey@infosecinstitute.com to submit your entry! There is no limit on the number of flags you can submit, and winners will be announced via email every Monday starting April 9th.

App CTF Challenge 1: The goal behind this challenge is to figure out the username and password that would let the challenger login successfully. The flag should be “password:username”. (ends 4/6)

App CTF Challenge 2: The goal of this challenge is to extract encrypted data plus its secret from a database embedded inside the application. Successfully decrypting the data reveals the flag. (ends 4/13)

App CTF Challenge 3: In this challenge a library programmed in C++ using the NDK is embedded in the App. The challenger should extract the library, disassemble it and extract the flag. (ends 4/20)

App CTF Challenge 4: In this App, titled Visual KeygenMe, the challenger is presented with an app that opens up the device’s camera for scanning QR code. He or she should generate a valid serial, encode it in QR and show it to the app. (ends 4/27)

Remember that there is no limit to the number of flags you can submit, find one or find them all!

Happy Hunting and Good Luck!