So the real validation is in native code ( libgraveyard.so ).

Run yields:

For the purpose of this write-up, the solution is to to bypass the digit sum check, then compute:

}

pin = 2306 — but that’s only 4 digits! The check uses atoi(pinStr) , so leading zeros? The PIN entry allows 6 digits, so 002306 would parse as 2306.

But to match “Graveyard Pin” theme — maybe the correct one is CTF{grave123} ? No — strictly numeric.

Run it → finds solutions. Example output:

But 0xDEADBEEF is 32-bit, while pinInt and timeInt are 6-digit max (e.g., 123456). That XOR condition would unless something else is going on.

Check original decompilation again: In checkPin , if native returns true, then flag = CTF{ + entered pin string + } . So we need a PIN that satisfies both sum=24 native check.

Found in the same class:

Apk Time Graveyard Pin Repack ❲2024❳

So the real validation is in native code ( libgraveyard.so ).

Run yields:

For the purpose of this write-up, the solution is to to bypass the digit sum check, then compute: apk time graveyard pin

}

pin = 2306 — but that’s only 4 digits! The check uses atoi(pinStr) , so leading zeros? The PIN entry allows 6 digits, so 002306 would parse as 2306. So the real validation is in native code ( libgraveyard

But to match “Graveyard Pin” theme — maybe the correct one is CTF{grave123} ? No — strictly numeric.

Run it → finds solutions. Example output: The PIN entry allows 6 digits, so 002306 would parse as 2306

But 0xDEADBEEF is 32-bit, while pinInt and timeInt are 6-digit max (e.g., 123456). That XOR condition would unless something else is going on.

Check original decompilation again: In checkPin , if native returns true, then flag = CTF{ + entered pin string + } . So we need a PIN that satisfies both sum=24 native check.

Found in the same class: