March 15th, 2020


HackerOne CTF - Thermostat

I wasn't sure what to expect with this one. The Thermostat. Android CTF... I didn't have a readily accessible Android device... so I initially downloaded the file. Thermostat.apk. Well, OK. I started downloading Nox from

However, while waiting for Nox, I opened the APK using 7-Zip. I poked around to see if the flag was in plaintext in one of the files. I eventually found 'classes.dex' and opened it in just notepad.exe on Windows. I searched for flag (forgot the ^flag^ or $flag$, just flag) and found a ton of them. Eventually I cycled through and found both flags right next to each other. Boom. Easy squeezy.

From the hints, I'm guessing I was supposed to approach this a bit differently. I never did get the APK opened.
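The classes.dex search described above can be reproduced without an emulator, and it doubles as a pre-release check for string constants that ship readable inside an APK. This is an added example, not part of the original post; the marker pattern, the `build_sample_apk` helper and its sample strings are constructed assumptions.

```python
import io
import re
import struct
import zipfile

# Assumed marker shape, based on the ^flag^ / $flag$ delimiters the post mentions.
SECRET_RE = re.compile(r"\^FLAG\^.*?\$FLAG\$", re.IGNORECASE)

def dex_strings(dex):
    """Yield every entry of a DEX file's string table."""
    if dex[:4] != b"dex\n":
        raise ValueError("not a DEX file")
    # DEX header: string_ids_size at 0x38, string_ids_off at 0x3C (little endian).
    count, table_off = struct.unpack_from("<II", dex, 0x38)
    for (data_off,) in struct.iter_unpack("<I", dex[table_off:table_off + 4 * count]):
        start = data_off
        while dex[start] & 0x80:                 # skip the ULEB128 length prefix
            start += 1
        end = dex.index(b"\x00", start + 1)      # MUTF-8 data is NUL-terminated
        yield dex[start + 1:end].decode("utf-8", errors="replace")

def scan_apk(apk):
    """Return (dex_name, match) for each string constant matching SECRET_RE."""
    hits = []
    with zipfile.ZipFile(apk) as zf:             # an APK is an ordinary ZIP archive
        for name in zf.namelist():
            if re.fullmatch(r"classes\d*\.dex", name):
                for s in dex_strings(zf.read(name)):
                    hits += [(name, m.group()) for m in SECRET_RE.finditer(s)]
    return hits

def build_sample_apk(strings):
    """Constructed input: a ZIP holding a minimal DEX with only a string table."""
    header = bytearray(0x70)
    header[:8] = b"dex\n035\x00"
    struct.pack_into("<II", header, 0x38, len(strings), 0x70)
    ids, data, off = b"", b"", 0x70 + 4 * len(strings)
    for s in strings:
        item = bytes([len(s)]) + s.encode() + b"\x00"   # ASCII, under 128 chars
        ids += struct.pack("<I", off + len(data))
        data += item
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("classes.dex", bytes(header) + ids + data)
    buf.seek(0)
    return buf

if __name__ == "__main__":
    print(scan_apk(build_sample_apk(["Thermostat", "^FLAG^constructed-value$FLAG$"])))
```

`scan_apk` also accepts a filesystem path, so it can be pointed at a release build to list which matching constants are recoverable from the package alone.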

Flag0 -- Found

  • Communication is key

  • Have you looked at what the app is sending to the server?

Flag1 -- Found

  • Doesn't the MAC seem interesting?

  • Access to the source code would help

  • Check out the Android Quickstart video from Hacker101