HackTheBox – Cat Write-up

Dear readers,

Today’s post is on a mobile challenge, Cat, which was release in 21st March 2020. This challenge introduce the concept of ADB backup via analyzing .ab file so read on if you are interested. Let’s dive straight to it.

Fig 1. Cat, a mobile challenge in HackTheBox

File given

There is only one file being given for the challenge which is cat.ab (you can download the file here). An .ab file is a system backup using Android Debug Bridge (adb). To see the content, we can directly extract the content using the Android Backup Extractor tool. This can be done using the following command to extract the content:

java -jar abe.jar unpack cat.ab <convertedBackup.zip>

No password is required as no password was being set by the creator this challenge. I set the output to result.zip hence all the content is in result folder. You will be able to see the original cat.ab and the result folder provided in the link later.

Flag obtained

Once you extracted the ZIP file, you will see a brunch of folders (see Fig 3a). We are only interested in shared folder as there is where the flag is.

Fig 3a. Folders in the top directory after opening the unzipped folder

Navigate the folders until you reached the Pictures folder using through the following path: shared > 0 > Pictures.

Inside the Pictures folder, you will see a branch of photos. Open up IMAG0004.jpg.

Fig 3b. Photos in the Pictures folder

Zoom in to the bottom of the paper the guy is holding onto. You will see the flag there.

Fig 3c. Flag printed at the bottom of the paper

Flag: HTB{ThisBackupIsUnprotected}

You can download the files for the CTF as well as the extracted files here.

I hope this post has been helpful to you. Feel free to leave any comments below. You may also send me some tips if you like my work and want to see more of such content. Funds will mostly be used for my milk tea addiction. The link is here. 🙂


Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.