Skip to content
/ InjuredAndroid Public
forked from B3nac/InjuredAndroid

A vulnerable Android application that shows simple examples of vulnerabilities in a ctf style.

0 stars 156 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

wargg/InjuredAndroid

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

28 Commits
InjuredAndroid.apk
InjuredAndroid.apk
 
 
README.md
README.md
 
 

Repository files navigation

InjuredAndroid - CTF

A vulnerable Android application with ctf examples based on bug bounty findings, exploitation concepts, and pure creativity.

Setup for a physical device

  1. Download injuredandroid.apk from Github

  2. Enable USB debugging on your Android test phone.

  3. Connect your phone and your pc with a usb cable.

  4. Install via adb. adb install InjuredAndroid.apk. Note: You need to use the absolute path to the .apk file or be in the same directory.

Setup for an Android Emulator using Android Studio

  1. Download the apk file.

  2. Start the emulator from Android Studio (I recommend downloading an emulator with Google APIs so root adb can be enabled).

  3. Drag and drop the .apk file on the emulator and InjuredAndroid.apk will install.

Tips and CTF Overview

Decompiling the Android app is highly recommended.

  • XSSTEST is just for fun and to raise awareness on how WebViews can be made vulnerable to XSS.

  • The login flags just need the flag submitted.

  • The flags without a submit that demonstrate concepts will automatically register in the "Flags Overview" Activity.

  • The exclamatory buttons on the bottom right will give users up to three tips for each flag.

Good luck and have fun! :D

About

A vulnerable Android application that shows simple examples of vulnerabilities in a ctf style.

Resources

Readme
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published