Home > CTF, Forensics > DEFKTHON CTF Misc 300 Writeup

DEFKTHON CTF Misc 300 Writeup

Among all the challenges in the miscellaneous category, Misc 300 and 200 made, some sense for me. I have gone through this challenge before in an article. So it was quite easy to solve. They provided us a zip file and we were supposed to find a secret information. Click here to download the file. I downloaded the zip file, and when I tried to unzip, it prompted for a password. My face turned like this 😦 :(. I felt exhausted, whenever questions are asked, to brute force passwords. I closed it and started looking at other challenges. After sometime, I got a hint, the file name inside the zip archive is the password to unlock the contents. When I did it worked, but the problem is, there are many files. So there is no other way other than writing a script.

import os,sys,zipfile

original_file = "73168.zip"

while True:
try:
    original_file = zipfile.ZipFile(original_file)

for contents in original_file.namelist():
    password = contents[0:contents.find('.')]

original_file.setpassword(password)
original_file.extractall()

original_file = password+'.zip'

except:
   break

The script is not complete yet. The clear version of cracking it can be found here. At the end I got a wave file, after fixing the error. When I played it, I heard an unpleasant noise. Immediately I thought the flag can be the noise, i.e the characters are converted into a media stream (wav file). I added a Spectrogram layer in the audio file. Then I was able to see the flag.

defkthon

My guess was right ;). And the flag was BallsRealBolls. 300 points for team bi0s 😉 :D.

Advertisements
  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

This Week In 4n6

Your weekly roundup of Digital Forensics and Incident Response news

bi0s

CTF | Amrita

RAM Slack - Random Thoughts from a Computer Forensic Examiner

Random Thoughts from a Computer Forensic Examiner

InCTF

behind the scenes

DFIR Journal

Trials and Tribulations of a DFIR life

I dont know zilch !

For the noobs out there like me

X-Ways Forensics Practitioner's Guide

The Guide to X-Ways Forensics!

Forensic Focus - Articles

Digital forensics articles and research papers

my abbreviations......

gain,learn and share knowledge!!!!

digirati82

Windows Logging Service (WLS), DFIR, etc.

Belkasoft Forensic: The Digital Evidence Blog

Searching for, analyzing and recovering digital evidence

Gail Tredwell. Amma. Truth. Lies. Scandals. Fraud. And. Reality

Three things cannot be long hidden: the sun, the moon, and the truth.

Integriography: A Journal of Broken Locks, Ethics, and Computer Forensics

Musings about UAVs, search & rescue, computer forensics, cyber security, and the state of play in all .....

Life is beautiful

when the mind is full with love, you see beauty in every thing

Techno Krat

.... Dare To Try .......

%d bloggers like this: