NahamCon CTF 2024 - Kitty Kitty Bang Bang [EN]
Category | Mobile |
Difficulty | Easy |
Author | matlac |
Introduction
I found a cool android app to play with a cowboy cat!
There has to be more going on with the app I can't see on my screen...
Decompilation
Let’s start the challenge by decompiling the mobile application with jadx.
We get the following file structure:

The AndroidManifest.xml file provides essential information about an Android application, including its components (activities, services, broadcast receivers), permissions, hardware and software features required, and the application’s entry point (MainActivity). The MainActivity is the primary activity that is launched when the user starts the application:
<activity android:name="com.nahamcon2024.kittykittybangbang.MainActivity" android:exported="true">
    <intent-filter>
        <action android:name="android.intent.action.MAIN"/>
        <category android:name="android.intent.category.LAUNCHER"/>
    </intent-filter>
</activity>
With JADX, we can view the code of the main activity com.nahamcon2024.kittykittybangbang.MainActivity:

The onCreate function in an Android activity is a lifecycle method that is called when the activity is first created. It is where you typically initialize your activity, set up the user interface with setContentView, and perform any startup logic such as initializing variables, setting up listeners, or starting background tasks:

Lines 31 and 35 indicate that when the user taps on the mobile screen, the text Screen Tapped! and the flag are logged using the Log.i function.
It is possible to observe the application’s logs using an emulator while running the application.
Emulation
We will install and launch the application in an emulator to observe the Log outputs.
For my part, I will use an AVD (Android Virtual Device) with Android Studio.

Then, after tapping the screen and checking the log output in Android Studio’s Logcat tab, we can see the flag directly:
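The weakness this challenge relies on is a secret written with Log.i, which anyone with logcat access can read. The following check for it is an added example, not part of the original write-up: it parses a logcat capture in threadtime format and reports messages that look like secrets. The tag name, PIDs, flag value and detection rules are assumptions constructed for illustration.

```python
import re

# logcat "threadtime" layout: MM-DD HH:MM:SS.mmm  PID  TID PRIO TAG: message
LINE_RE = re.compile(
    r"^\d\d-\d\d \d\d:\d\d:\d\d\.\d{3}\s+(?P<pid>\d+)\s+(?P<tid>\d+)\s+"
    r"(?P<prio>[VDIWEF])\s+(?P<tag>.*?)\s*: (?P<msg>.*)$"
)

# Assumed rules for data that must never reach the log; tune them per app.
RULES = {
    "ctf-flag": re.compile(r"flag\{[^}]+\}", re.I),
    "key-value-secret": re.compile(
        r"\b(password|secret|api[_-]?key|token)\s*[=:]\s*\S+", re.I),
}

def parse_line(line):
    """Split one threadtime line into fields, or return None for banners."""
    m = LINE_RE.match(line.rstrip("\r\n"))
    return m.groupdict() if m else None

def find_leaks(lines, pids=None):
    """Return (pid, tag, prio, rule, redacted_msg) for every suspicious line.

    pids limits the scan to the app's own processes, which drops noise from
    unrelated system components that happen to match a rule.
    """
    hits = []
    for line in lines:
        rec = parse_line(line)
        if rec is None or (pids is not None and int(rec["pid"]) not in pids):
            continue
        for rule, pattern in RULES.items():
            if pattern.search(rec["msg"]):
                redacted = pattern.sub("[REDACTED]", rec["msg"])
                hits.append((int(rec["pid"]), rec["tag"], rec["prio"], rule, redacted))
                break
    return hits

# Constructed capture: PIDs, tag names and the flag value are placeholders.
SAMPLE = """\
--------- beginning of main
05-25 14:03:10.120  1432  1460 D WindowManager: relayout token=Token{abc}
05-25 14:03:11.482  7312  7312 I KittyKittyBangBang: Screen Tapped!
05-25 14:03:11.483  7312  7312 I KittyKittyBangBang: flag{constructed-placeholder}
"""

if __name__ == "__main__":
    for hit in find_leaks(SAMPLE.splitlines(), pids={7312}):
        print(hit)
```

A real capture in this format can be produced with adb logcat -d -v threadtime and passed to find_leaks line by line.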
