Thursday, 31 October 2013

EMCDefendersleague2013 week-1 challenge-2 solution

This is a continuation of my previous blog.This is about week-1 challenge-2.

File for this challenge can be downloaded here :


question : While performing an incident response, the team obtained a rather strange looking file. We need help in analyzing its content.
file name : Contest2.sample

This is about Firmware analysis.
doing a file command on Contest2.sample.gz shows us that its a .gzip (file Contest2.sample.gz)
result : Contest2.sample.gz: gzip compressed data, from Unix, last modified: Thu Sep 12 14:18:08 2013, max compression

hence we do gzip decompression using the command
gzip -d Contest2.sample.gz
you will get the real data file which has to be firmware analyzed.

commands after you put this package into your Linux desktop:
Step 1 : tar -zxvf binwalk-1.2.2-1.tar.gz
step 2 : cd binwalk-1.2.2-1
step 3 : cd src
step 4 : chmod +x
step 5 : ./
step 6 : open a new terminal and type  binwalk -e Contest2.sample(this file is after decompression)
step 7 : cd _Contest2.sample.extracted/
step 8 : cat 1*

There you go you find the flag?

scroll down a bit you can see this :
Here you go: IhPEvuAKhEVMyJFCFPyN

the flag is IhPEvuAKhEVMyJFCFPyN

No comments:

Post a Comment

enter valid comments.Suggestions are most welcome and would be interested in correcting my mistakes.