M 301: Qark (15 pts extra)

What You Need for This Project

Purpose

To practice using Qark, an Android vulnerability scanner from LinkedIn.

Downloading Qark

In a Web browser, go to

https://github.com/linkedin/qark

Click the green Code button.

Download the ZIP file and unzip it, as shown below.

Installing Qark

On your Debian Linux machine, open a Terminal window. Execute these commands:

sudo apt update
sudo apt install git python3-pip python3-full default-jdk -y
python3 -m venv qark-venv
./qark-venv/bin/pip3 install qark
./qark-venv/bin/qark

You see a Qark help message, as shown below.

If you see a message saying "qark not found", reboot your Debian machine.

Scanning the GenieMD APK with Qark

On Debian, execute these commands:

wget https://samsclass.info/128/proj/genie.apk
./qark-venv/bin/qark --apk genie.apk

Qark takes about 30 minutes to unpack all the code and scan it, ending with the path to a report file, as shown below.

After the report is generated, move it to a more convenient location and rename it with this command:

mv /home/debian/qark-venv/lib/python3.11/site-packages/qark/report/report.html genie.html

Viewing the Report

If your Debian machine has a desktop, click the folder icon on the left side of the desktop.

Navigate to the genie.html file, as shown below, and double-click it.

If you are using a headless server, use an scp command like the one below to move the report to your host machine and open it there.

scp debian@192.168.0.245:genie.html .

The report opens in a Web browser, as shown below.

Press Ctrl+F and search for cert to find the SSL certificate validation error, as shown below.
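
On a headless server, the same search can be done in the terminal instead of with Ctrl+F. The script below is an added example, not part of the original lab or of Qark: it extracts the visible text of an HTML report and returns the blocks that contain a keyword (cert by default), ignoring matches that occur only in CSS, scripts, or tag attributes. The file name search_report.py and the sample HTML are assumptions; the sample is constructed and does not reflect Qark's real report layout or wording.

```python
import sys
from html.parser import HTMLParser

BLOCK = {"p", "div", "li", "tr", "td", "th", "pre", "br", "h1", "h2", "h3", "h4"}
HIDDEN = {"script", "style"}
# Constructed sample for offline runs; NOT Qark's real report layout or wording.
SAMPLE = """<html><head><style>.cert-row { color: red }</style></head><body>
<div class="cert">Constructed finding A: exported activity</div>
<div>Constructed finding B: SSL <b>Cert</b>ificate check is skipped &amp; unsafe</div>
</body></html>"""

class TextBlocks(HTMLParser):  # collects visible text, one string per block element
    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.blocks, self._buf, self._hidden = [], [], False

    def flush(self):
        text = " ".join("".join(self._buf).split())  # join inline runs, squeeze spaces
        if text:
            self.blocks.append(text)
        self._buf = []

    def handle_starttag(self, tag, attrs):
        if tag in HIDDEN:
            self._hidden = True
        elif tag in BLOCK:
            self.flush()

    def handle_endtag(self, tag):
        if tag in HIDDEN:
            self._hidden = False
        elif tag in BLOCK:
            self.flush()

    def handle_data(self, data):
        if not self._hidden:
            self._buf.append(data)

def search_report(html, keyword="cert"):
    """Return visible text blocks that contain keyword, ignoring case."""
    parser = TextBlocks()
    parser.feed(html)
    parser.close()  # delivers any text the parser is still buffering
    parser.flush()
    return [b for b in parser.blocks if keyword.lower() in b.lower()]

if __name__ == "__main__":
    html = open(sys.argv[1], encoding="utf-8", errors="replace").read() if len(sys.argv) > 1 else SAMPLE
    print("\n".join(search_report(html)))
```

Save it as search_report.py and run it with ./qark-venv/bin/python3 search_report.py genie.html to list the matching findings.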


M 301: Unsafe implementation (15 pts)

Find the text covered by a green box in the image above. That's the flag.


Sources

Qark
Android Penetration Tools Walkthrough Series: QARK

Posted 1-24-19 by Sam Bowne
Converted to a CTF 2-28-19
Install python-pip added 2-19-2020
Changed from Kali to Debian 3-10-2021
Updated to Python 3 and Debian 11 2-19-24