Bigdroidos | 201 Patched

Automatic backups on a Strato root-server with OpenBSD.

Bigdroidos | 201 Patched

I connected the device/emulator and ran the script:

frida -U -f com.bigdroidos.ctf -l bypass.js

Upon clicking the "Login" button with random credentials (e.g., "test" / "test"), the Frida script intercepted the call. The application immediately redirected to the FlagActivity. bigdroidos 201 patched

As this was a "Patched" challenge, a more permanent solution involves modifying the APK itself (smali patching) to bypass the check permanently. I connected the device/emulator and ran the script:

  • Rebuild & Sign:
  • Install: Install the patched APK. The login button now accepts any input.

    • Note: Bare-metal installation (directly on PC hardware) is strongly discouraged due to driver incompatibilities and security risks. Upon clicking the "Login" button with random credentials (e

    The BigDroidOS project has a rocky history of maintainership. The original developer, known only by the handle “BigDroidXDA,” stopped updating the source tree in early 2023. Since then, various third parties have released “patched” versions, each with different feature sets and security postures.

    Currently, no official “202” or “301” build is planned. However, a new fork called BigDroidOS-NG (Next Generation) is reportedly in development, focusing on Android 13 GSI (Generic System Image) compatibility and Wayland support. Whether it will inherit the “patched” naming convention remains to be seen.

    For now, BigDroidOS 201 Patched remains a static, snapshot release—useful for archival and tinkering, but not recommended for production or daily use.