in this reverse engineering challenge, we can see that an .apk file (more info here : https://fileinfo.com/extension/apk ) is linked to this challenge.
according to the short description, this challenge does not have to be super-bodied, finally for the elite! ^^
after downloading the .APK file named "not-the-droid.apk", i decided to see what kind of file is this file? (That's a lot of files is not it ? :D)
we can see that this apk is a zip file we will unzip the latter to see its contents.
inside, we could say: "nothing unusual, the usual files and files related to an APK"
but it's strange, something is unusual, a folder "dex-layout"? Hmmm unusual in an APK.
so go explore it together!
a folder "dex-layout",strange and that contains it? another folder named "parsedump" quite intriguing as file name! But what is inside the "parsedump" folder? a file named "dex-layout.dex"
"OK dude, but what is this famous .dex file ???" Do not panic, we will see together the type of file:
as a file containing an ASCII text, would not this be our flag?
and oh yes! it only remains to validate it!
also, as I had time to lose, for the lazy like me I made available a script in bash that allows to get our flag faster :D
r3q, From SinHackTeam.