https://capturetheflag.withgoogle.com
Used commands:
- mount
- chroot
- ls -a
State of the art:
Co o oo ntinu e (sadday)
As always, download the attachment, check the file type, rename it and extract the content:
- file 9522120f36028c8ab86a37394903b100ce90b81830cee9357113c54fd3fc84bf
It is a zip file.
- mv 9522120f36028c8ab86a37394903b100ce90b81830cee9357113c54fd3fc84bf firmware.zip
- unzip firmware.zip
The content is composed of a challenge.ext4.gz. Extract it:
- gunzip challenge.ext4.gz
You will get a file called challenge.ext4 that corresponds to the binary file of the firmware. Since we see the file extension, ext4, we can try to mount this binary file:
- mkdir /mnt/firmware
- mount challenge.ext4 /mnt/firmware
- chroot /mnt/firmware/ /bin/bash
The last command is used to execute the command /bin/bash with the root directory set as /mnt/firmware.
Now our root directory corresponds to the / directory of the mounted binary file. The text of the quest says we should hunt for some information inside this binary. I spent several minutes to find plaintext files with "CTF{" content by using the command:
- grep -rnw '.' -e 'CTF{'
but I didn't get anything. This result says us that there are not plaintext files that contain the "CTF{" string, so the possibility is that our solution could be inside a non-plaintext file, i.e. a compressed file.
By searching manually, I didn't find anything. At the end, the treasure is hidden in the / path of the binary file, and you can find it by typing:
- ls -a
In this way we will find a .mediapc_backdoor_password.gz, so, as we thought, a compressed file. Just extract it:
- gunzip .media_backdoor_password.gz
You will get a .media_backdoor_password that you can see always by typing ls -a. Just read the content of this plaintext file and you will get the solution key:
- less .media_backdoor_password
IT'S OVER
If you want to be SPOILED for the solution key, just click below
Nessun commento:
Posta un commento