## Hello World - Andriod - Escathon 2026 > Handout: helloworld.ab Starting off, I looked online for a way to view .ab files and found this tool on github: {%preview https://github.com/nelenkov/android-backup-extractor/releases/tag/latest %} After running the tool on the file, I required a password to decrypt it.  The password was just `hello world`, but I ended up bruting it anyways. > You can make a hash using `android2john` and brute using rockyou.txt The backup.tar gave us the andriod RDNS packages. The one that stood out was obviously `com.mcsc.helloworld`  There were some database files and an apk inside. I opened the apk files in jadx for static anaylsis.   Off the static analysis, I came to the conclusing that `sqlcipher` was used. I also found class `NoteDatabase` in the `MainActivity` class. Which on opening gave us the dbname and password.  With info that sqlcipher was imported, I went into the db folder and opened the` .notinhere.db ` using sqlcipher. > sqlcipher Usage Steps: (source: Google) > Set Key: Immediately after opening the database connection, execute PRAGMA key = 'your-passphrase'; to decrypt the database in memory. > > Operations: Perform standard SQL queries (SELECT, INSERT, etc.). SQLCipher handles encryption/decryption automatically in the background. I used the passphrase we got in `NoteDatabase` class and found the flag inside notes db.  Flag: esch{he1!0o0o0o0o0_w0r!d} PS: Only android one I solved, but it was super fun. Was my first solve of escathon as well :D