Pinocchio
by shreyas-sriram
Pinocchio just made a new app! He says it is very secure… but I think I see his nose growing…
Download the file below.
App-release.apk
Solution
- Download and install the apk
- Find a page which expects a 4-digit PIN
- Enter a random 4-digit PIN to understand the functionality of the application
- We see different responses depending on whether the WiFi is turned on or switched off
- This tells us that the entered PIN is being checked with an external server (can be verified using Burp Suite too)
- Since the PIN is of length 4, it is possible to brute-force the combinations
- Configure the Android Device to work with Burp Suite
- Capture the request in Burp Suite and send to Burp Intruder
- Set payloads from
0000 - 9999
- Set payloads from
- Find that payload
6402returns the flag
Flag
flag{lied_about_this_being_secure}