M 412: Reversing FlareBear (15 pts)

What You Need for This Project

Purpose

To practice reading decompiled Java code and deducing how to win a game.

This challenge came from the FLARE-ON 2019 Challenges.

Install FlareBear

Download this APK:

flarebear.apk

Install it on your Android device and run it.

Click the "NEW FlARE BEAR" button, give your bear a name, and click the "LET'S GO" button.

You see a bear, as shown below.

There are three buttons you can use to feed, play, or clean the bear.

Click the buttons. The bear's state changes.

The goal of the game is to get the bear into a special state, which will display the flag.

Reading Java

Open the APK in jadx-gui.

Navigate to the danceWithFlag method, as shown below.

This method extracts data from two resources named R.raw.ecstatic and R.raw.ecstatic2 and decrypts them using a password from the getPassword method. That's the flag we want.

Just above the danceWithFlag method, examine the setMood method, as shown below.

To run the danceWithFlag method, two conditions must be true: isHappy and isEcstatic.

Examine the isEcstatic method.

As shown below, this condition requires these values:

These three values all start at zero. To see what the three buttons do, examine these methods:

Figure out how many times to perform each action to reach the Ecstatic state.

Flag M 412.1: Ecstatic (20 pts)

When you win the game, the flag appears, covered by a green rectangle in the image below.

Posted 4-7-21