Eric introduced our Android Hacking Event already in the lecture. For those of you who haven't heard the announcement:
We are hosting an Android Hacking event @Fraunhofer SIT (Rheinstraße 75) on 17th of march.
There will be Steven and Siegfried from the SSE-Group (Eric Bodden) and Stephan Huber (Fraunhofer SIT)
advising the event. The event starts with a short introduction of the advisors followed by an introduction
of the challenges. The challenges contain different vulnerabilities/security flaws in Android applications.
There will be easy/medium/hard challenges for the participants who will learn how to identify these flaws.
More concrete, the participants will use a new reverse engineering tool called CodeInspect
(http://sseblog.ec-spride.de/2014/12/codeinspect/) and will do a hands-on hacking on these apps.
Don't worry guys, there will be free food
.Are you interested?
For warming up a bit, there will be a little challenge for you...
The following link contains two small Android application that expects a specific password. If you found the password,
there will be a message showing "Congrats!", if you are not entering the correct password, the message will be
"Nice try, but it's wrong...".
http://goo.gl/UrqZgC
If you are able to solve ONE challenge (aka one password in one app), send us the password together with a SHORT description about how you identified it. Enjoy it! Don't worry, more complex examples will analyzed during the event.
@When? 17th march; 7pm - 11pm
@Where? Frauhofer SIT (Rheinstraße 75)
@Register-Process:
- email to siegfried.rasthofer@cased.de containing the password of the challenge + SHORT description
- ends by 28th February (limited space!)
Happy Hacking and see you soon!