← Back
Flag7 - Root Detection | Avishai’s CTF Writeups

Avishai's CTF Writeups

Yalla Balagan! A collection of my CTF writeups and solutions.

View on GitHub

Let’s first have a look at the challenge:

400

It uses some well known which is called RootBeer:

Let’s simply hook the function isRooted:

Java.perform(function(){
    var RootBeer = Java.use("com.scottyab.rootbeer.RootBeer");
    RootBeer["isRooted"].implementation = function () {
        console.log(`RootBeer.isRooted is called`);
        let result = this["isRooted"]();
        console.log('Bypass root detection');
        return false;
    };
})

And we got the root detection bypassed

400