Showing posts from May, 2024

Hexordia Weekly CTF Challenge 2024 - Week 4 Writeup

Android - TEaM U prep (15 points)

What item that Rocco was shopping for came back in stock?

The capitalized letters in the challenge title "TEaM U prep" suggested that we should probably look in the direction of Temu, a Chinese online marketplace app. The Temu app was also installed on the Android device. The item that Rocco was shopping for was likely browsed by Rocco in the app or even added to the shopping cart at some point. Following this direction, the Temu app's SQLite databases in the /data/data/com.einnovation.temu/databases directory were checked one by one. One of the SQLite databases, "ChatDB_BCM6G5ASA5K73AN2N7S3TQYUS2MOBTVG2RFRUULJ_msgbox_2.db", contained some in-app messages that were pushed to Rocco. There was a summary text of "Almost sold out" in the summary column where id = "10000010". The relevant info column appeared to contain a JSON object. If this JSON object was sorted and beautified in Notepad++, it

Hexordia Weekly CTF Challenge 2024 - Week 3 Writeup

iOS - Those are Rookie Numbers (25 points)

What percentage of players were beat by PlanterPapp?

To solve this challenge, we are likely looking for something related to a game app, and "PlanterPapp" is probably a gamer nickname. In Magnet AXIOM Examine, 2 hits for the search term "PlanterPapp" could be found in the OCR text, and both of them were identical screenshots of the same app. Both screenshots have a created time of 2023/12/17 00:20:15. Looking at which application was in focus around that time, the "com.activition.callofduty.shooter" app was in focus. A further Google search for "call of duty mobile chat" showed a similar chat screenshot in the Reddit subreddit r/CallOfDutyMobile. The application data of "com.activition.callofduty.shooter" could be found at "/private/var/mobile/Containers/Data/Application/3690AAA8-713A-482B-92F1-3F7D3BCC73E6". Under "/private/var/mobile/Containers/Data/Application/3690