| Author | Difficulty | Points | Solves | First Blood | Time to Blood |
|---|---|---|---|---|---|
| Marc | Expert (4) | 326 | 13 | Kalmarunionen | 3 hours |
Tags: Mobile
I heard 4-digits pin is insecure, so I made a 6-digits pin system with custom keyboard to prevent keylogger for my android application.
You are required to create a malicious application to solve this challenge, that is by stealing the user's application PIN. Please submit your APK file to the POC Tester once you have created a working solution.
❖ Note
The POC Tester will first run your malicious application and then the vulnerable application to simulate user interaction in real life. Any permission in your malicious application will be automatically granted. Submit the correct PIN to the connection below to get the flag.