HackTheBox Sherlock - HookFlare скачать в хорошем качестве

HackTheBox Sherlock - HookFlare

HookFlare is a Medium Difficulty Sherlock from Hack The Box created by 0xS1rx58. It challenges the player to investigate a SMS phishing attack (aka SMISHING) by analysing system data from an Android phone and then performing some reverse engineering on a malicious Android app. You can play the Sherlock yourself here: https://app.hackthebox.com/sherlocks/... This video is the walkthrough of how I personally approached this challenge, and does not represent any HackTheBox official solution. You may choose to solve this challenge however you wish :) 00:00 Intro 00:09 Introducing the Sherlock 00:25 Reading the scenario and downloading the artifacts 02:41 Extracting the files from the disk image using FTK Imager 03:54 Introducing AleApp APK analysis tool 06:39 Q1 - Identifying the Smishing message 07:53 Q2 - Finding the timestamp of the malicious app download 09:02 Q3 - Finding the malicious package name 09:51 Q4 - Checking Runtime Permissions assigned to the malicious Android application 10:56 Q5 - Determining when the app was last launched using permission usage timestamps 12:08 Decompiling and reverse engineering the apk file 34:32 Q6 - Finding the data exfil URL 34:56 Q7 - Identifying the HTTP method used for the weblistener status check 35:17 Q8 - Identifying the backup data exfil URL 36:01 Q9 - Finding the encryption key 37:17 Q10 - Extracting the exfiltrated data using Wireshark and decrypting it using CyberChef 41:58 Outro Tools Used: FTK Imager: https://go.exterro.com/download-ftk-i... ALEApp Android System Analyser: https://github.com/abrignoni/ALEAPP JADX APK Decompiler: https://github.com/skylot/jadx Wireshark: https://www.wireshark.org/ CyberChef: https://gchq.github.io/ Thank you to 0xS1rx58 for creating and submitting this Sherlock. You can find and leave them some respect at their HTB Profile: https://app.hackthebox.com/users/510143