# Cat

## Overview

Hey everyone, in this write-up we will be solving an HTB challenge Cat.

Link to the challenge: <https://app.hackthebox.com/challenges/cat>

Let’s Start!!!!!!

***

## Initial Setup

First download and extract the given file.

<figure><img src="https://3766366075-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FmgBRtrRN7KBbA6FISaV1%2Fuploads%2FsJ5NJiXeeKWnGqS4tsql%2FUntitled.png?alt=media&#x26;token=b74b3753-77b2-4d23-a866-4b663f109b53" alt=""><figcaption></figcaption></figure>

After extracting the zip, we can see a file named `cat.ab`. I used `file` command on the `Cat.ab` file.

<figure><img src="https://3766366075-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FmgBRtrRN7KBbA6FISaV1%2Fuploads%2FwvSnyBTfjdp6H9mqar32%2FUntitled%201.png?alt=media&#x26;token=cf975ed2-47a5-4451-b5d8-d6c419ac2eb6" alt=""><figcaption></figcaption></figure>

From the output of the file command, we can conclude that the given file is android backup file.

***

## Extracting the Backup File

You can extract file from a android backup using `android-backup-extractor`. Download it.

{% embed url="<https://github.com/nelenkov/android-backup-extractor/releases>" %}

<figure><img src="https://3766366075-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FmgBRtrRN7KBbA6FISaV1%2Fuploads%2FogMKZGWw2CqLOdvigca0%2FUntitled%202.png?alt=media&#x26;token=8ab62458-9a67-48bf-829e-f6975686b219" alt=""><figcaption></figcaption></figure>

Using the command: `java -jar abe.jar unpack cat.ab file.tar` , you can convert a android backup file to a tar file.

<figure><img src="https://3766366075-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FmgBRtrRN7KBbA6FISaV1%2Fuploads%2F3o1JTJ0FavZVjRor033T%2FUntitled%203.png?alt=media&#x26;token=514bafec-512f-49d7-9791-ea53a509672d" alt=""><figcaption></figcaption></figure>

Now its time to extract the tar file using the command `tar xvf file.tar`.

<figure><img src="https://3766366075-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FmgBRtrRN7KBbA6FISaV1%2Fuploads%2FRutziBadPVQtto4mVmhA%2FUntitled%204.png?alt=media&#x26;token=ba75de60-2188-43cd-a012-2c1fcb730e0e" alt=""><figcaption></figcaption></figure>

From the output of the `tar` tool, we can see that there are some images in the `shared/0/Pictures` directory.

<figure><img src="https://3766366075-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FmgBRtrRN7KBbA6FISaV1%2Fuploads%2FV1siB3NDdEbTij0MzTOX%2FUntitled%205.png?alt=media&#x26;token=4d5cf9d5-afe7-44a6-93a9-48d7313391d2" alt=""><figcaption></figcaption></figure>

On taking a look at those images, one of the image contains the flag in it.

<figure><img src="https://3766366075-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FmgBRtrRN7KBbA6FISaV1%2Fuploads%2F7qgzt5Y6j5Rct5LyEAS9%2FUntitled%206.png?alt=media&#x26;token=70a6f882-36a7-4ade-8e2c-37317898c658" alt=""><figcaption></figcaption></figure>

We have successfully obtained the flag.

Thank you…….