Introduction

Have you ever wanted to play the guitar on your phone? Here's a free app, with all guitar strings included for free!

Decompilation

Let’s start the challenge by decompiling the mobile application with jadx.

We get the following file structure :

Strins.xml

The strings.xml file in an Android application is used to store static text values, such as UI strings, labels, and messages. It helps in managing and organizing the text content separately from the code, making it easier to update and localize the application for different languages. This file can contain various types of strings including plain text, formatted text, and references to other resources.

This file can be accessed via the following path with JADX:

By doing some research in this file, we find a suspicious string secret_string.

The string seems to be encoded in base 64, let’s try to decode it :