Let's start borderland In starting the machine doesn't look insane at all getting initial shell is not that hard but what new for me was pivoting the router and reading the Data. Walkthrough: Let's start with nmap scan nmap -sC -sV <ip> Okay so port 80 have http server I will run dirbuster to check for Directories with that we can check out the apk given by them. I took hint and the first key is in apk. Here we go we can already see something interesting lets extract out the source code with the .git. I used GitTools to extract all source code. https://github.com/internetwache/GitTools I checked out first commit to find out anything leaked within source code or not. According to hint the WEB key will be in webpage. So we got our first flag with it we can check out the first 20 letter of any key in api.php Let's search for GIT flag. grep -rn GIT So we got GIT flag but we can see 20 letter or AND flag only so i extracted the app using apktools apktool d mobile.apk g...