This is a continuation of my previous blog post. It covers week-1 challenge-2.
File for this challenge can be downloaded here : https://db.tt/s2niLU2s
Challenge-2
question : While performing an incident response, the team obtained a rather strange looking file. We need help in analyzing its content.
file name : Contest2.sample
This challenge is about firmware analysis.
Running the file command on Contest2.sample.gz shows that it is gzip-compressed data (file Contest2.sample.gz)
result : Contest2.sample.gz: gzip compressed data, from Unix, last modified: Thu Sep 12 14:18:08 2013, max compression
Hence we decompress it with the command
gzip -d Contest2.sample.gz
You will get the real data file, which is the one that needs firmware analysis.
Now download Binwalk to your Linux machine from here : https://code.google.com/p/binwalk/downloads/detail?name=binwalk-1.2.2-1.tar.gz&can=2&q=
Commands to run after you put this package on your Linux desktop:
Step 1 : tar -zxvf binwalk-1.2.2-1.tar.gz
Step 2 : cd binwalk-1.2.2-1
Step 3 : cd src
Step 4 : chmod +x debian_quick_install.sh
Step 5 : ./debian_quick_install.sh
Step 6 : open a new terminal and type binwalk -e Contest2.sample (this is the file you get after decompression)
Step 7 : cd _Contest2.sample.extracted/
Step 8 : cat 1*
There you go. Did you find the flag?
Scroll down a bit and you can see this :
Here you go: IhPEvuAKhEVMyJFCFPyN
The flag is IhPEvuAKhEVMyJFCFPyN
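
To show the idea behind steps 6 to 8 (signature scan, extraction, reading the extracted data), here is an added example that is not part of the original post and is not binwalk's own code. It assumes the embedded data is a gzip stream, which the post does not state; the sample blob, the FAKEFW header and CONSTRUCTED_FLAG_VALUE are constructed for illustration.

```python
import gzip
import re
import zlib

GZIP_MAGIC = b"\x1f\x8b\x08"  # gzip ID1, ID2 and CM=8 (deflate)

def carve_gzip_streams(blob, max_out=16 * 1024 * 1024):
    """Return [(offset, data)] for every valid gzip member embedded in blob."""
    found = []
    pos = blob.find(GZIP_MAGIC)
    while pos != -1:
        # wbits=31 makes zlib parse the gzip header and verify the CRC32 trailer.
        d = zlib.decompressobj(wbits=31)
        try:
            # max_out caps the output so a decompression bomb is skipped, not expanded.
            data = d.decompress(blob[pos:], max_out)
            # eof is set only after the trailer checked out; this rejects the
            # false-positive magic matches that are common in binary data.
            if d.eof:
                found.append((pos, data))
        except zlib.error:
            pass
        pos = blob.find(GZIP_MAGIC, pos + 1)
    return found

def printable_strings(data, min_len=8):
    """Like strings(1): runs of printable ASCII of at least min_len bytes."""
    pattern = rb"[\x20-\x7e]{%d,}" % min_len
    return [m.group().decode("ascii") for m in re.finditer(pattern, data)]

def build_sample():
    """Constructed stand-in for a firmware blob (not the challenge file)."""
    payload = b"\x00" * 32 + b"Here you go: CONSTRUCTED_FLAG_VALUE\n"
    header = b"FAKEFW\x00\x01" + b"\xff" * 56
    decoy = GZIP_MAGIC + b"\xaa" * 5  # magic bytes with an invalid flags field
    return header + decoy + gzip.compress(payload, mtime=0) + b"\x00" * 16

if __name__ == "__main__":
    for offset, data in carve_gzip_streams(build_sample()):
        print(f"gzip stream at offset {offset} ({hex(offset)}), {len(data)} bytes")
        for s in printable_strings(data):
            print("   ", s)
```

To try it on a real file, pass open(path, "rb").read() to carve_gzip_streams instead of build_sample().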