반응형

layers.txt

bin2ascii

oct2ascii

hex2ascii

base64decode

base85decode


Chimera

Open chimera.bin.img using FTK Imager.

 

I found key.docx.

extract it and rename key.docx to key.zip

 

hmm __main__.py ?

zip password key...

but i couldn't find any zip file.

 

so, i opened chimera.bin.img with HxD.exe. Then i searched "flag".

 

flag.png in flag.zip

good

it is in pdf file stream, but i couldn't find any pdf file. so i just carved it.

it says the file is corrupted, but i can get 61% unziped flag.png

 

 

it is half of flag, but we can read flag :)


Glitch in the matrix

 

DQT : en.wikibooks.org/wiki/JPEG_-_Idea_and_Practice/The_header_part#The_Quantization_table_segment_DQT

 

JPEG - Idea and Practice/The header part

The markers[edit] The header part of a JPEG file is divided into segments, and each segment starts with a marker, identifying the segment. Usually a JPEG file contains 7 different markers. A marker is a pair of bytes, the first is 255 and the second is dif

en.wikibooks.org

 

The DQT area is intentionally covered with 0xFF.

To recover DQT area, I copied and pasted the DQT area of other normal jpg files downloaded from the google.

After many attempts, I could read a flag.

 

we_need_bits_lots_of_bits


Net Matroyshka

 

8.pcap

 

7.pcap

 

 

6.pcap

 

copy&paste rsync data and sum data

 

5.pcap

 

follow > udp stream

 

make 4.zip

no footer signature in 5.pcap.

i think i extracted 5.zip wrong because 5.zip said zip file is corrupted.

 

i couldn't extract 5.zip correctly..

 


Tapesplice

BZh91AY&SY is bz2 header signature

 


denouement.png

use zsteg


Résumé

just copy and paste


Charge Tracker

 

dex2jar sourceforge.net/projects/dex2jar/

 

dex2jar

Download dex2jar for free. Tools to work with android .dex and java .class files. Mirrors: * https://bitbucket.org/pxb1988/dex2jar * https://github.com/pxb1988/dex2jar dex2jar contains following compment * dex-reader is designed to read the Dalvik Executab

sourceforge.net

 

open .jar using jd-gui java-decompiler.github.io/

 

Java Decompiler

The “Java Decompiler project” aims to develop tools in order to decompile and analyze Java 5 “byte code” and the later versions. JD-GUI is a standalone graphical utility that displays Java source codes of “.class” files. You can browse the reco

java-decompiler.github.io

 

part1 is here.

done.


Hashcrack 101

www.tunnelsup.com/hash-analyzer/

 

Hash Analyzer - TunnelsUP

Hash type: Bit length: Base: Example Hash Inputs 5f4dcc3b5aa765d61d8327deb882cf99MD5 5baa61e4c9b93f3f0682250b6cf8331b7ee68fd8SHA1 5e884898da28047151d0e56f8dc6292773603d0d6aabbdd62a11ef721d1542d8SHA256 $2a$10$N9qo8uLOickgx2ZMRZoMyeIjZAgcfl7p92ldGxad68LJZdL1

www.tunnelsup.com

1~4 : DES (Unix)

5~9 : md5crypt, MD5 (Unix)

10~13 : sha512crypt $6$, SHA512 (Unix)

 

use hashcat

hashcat.net/wiki/doku.php?id=example_hashes

 

example_hashes [hashcat wiki]

Example hashes If you get a “line length exception” error in hashcat, it is often because the hash mode that you have requested does not match the hash. To verify, you can test your commands against example hashes. Unless otherwise noted, the password

hashcat.net

combination bruteforce attack

dictonary attack

 

반응형

'CTF Write Up' 카테고리의 다른 글

dvCTF 2021 Write up  (2) 2021.03.15
BCA CTF 2021 Write up  (0) 2021.03.14
TRUST CTF 2021 write up  (0) 2021.02.28
Tenable CTF 2021 write up  (0) 2021.02.23
Union CTF 2021 Write up  (0) 2021.02.22

+ Recent posts