Defeating Root Detection
as expected from opening the app
as usual we do anti-root-detection using one of these tools Objection Or Frida just follow my lead
starting with ADB to connect to nox with this command
adb connect 127.0.0.1:62001
After That We Run the frida-server
adb shell "/data/local/tmp/frida-server" & 
Now After that we use frida-ps -Uia to find the package identifier of the application
now let's run the fridantiroot detection
frida --codeshare dzonerzy/fridantiroot -f owasp.mstg.uncrackable2 -U
now time to find out the secret code for this app
Time For Static Analysis
lets decompile it with jadx-gui to find the function for comparing string and after going to the MainActivity and let's check the code
so as u can see in line 21 the code load a native liberay to use it in CodeCheck funciton
the CodeCheck function compare strings to check if the secret is right or wrong after going to to this function we find it doing something with a byte array so we're going to use ghidra for this
Actually there's multiple solution for this but i'll use ghidra
BTW I'm not into Reverse engineering and
looking at assembly code make me vomitJust A little Bit Of Reversing
now after opening the apk with ghidra u can see the lib directory there's four different subdirectories based on architecture cuz my emulator is X86_64 so im going into that one
now after going to exports in the symbol tree we can the the Java_sg_vantagepoint_uncrackable2_CodeCheck_bar Function and if u remember the CodeCheck was the name we saw in jadx
After selecting the function u can see in the right side of decompile code if u read through it
notice strncmp looks pretty promising that tell us it's going to compare what we give the input and compare it with the real string and u can see inside it it compare it to local_30
and when we hover on this value we see the char array of value "nahT"
If we used ghidra analyzers the secret code will show up after running the analyzer
Reversing The Secret
now after copying the hex character and pasting them in cyber-chef the secret got reveled
The Secret Is "Thanks for all the fish"
