2. What was the teams approach to solving the
challenge ?
Distributed the sections between team members
Tapas handled Network section, Mohit handled Web section and Runcy
handled the Android section
Final review and collaboration of results and screenshots
3. What tools and technologies were used in the
challenge ?
Wireshark
ZAP
Burpsuite
NMAP
Dex2jar
apktool
4. What was the most difficult part of the
challenge and how did you overcome that ?
Initial tests did not reveal the hidden file (embed.php)
Using Zap and analyzing various files/folder structure we discovered the
common folder (which surprisingly was browsable)
Found embed.php (main php config file) which contains sensitive info