These are the digital forensics challenge writeups for the WICSME and SANS BOOTUP CTF 2020.

Fe01

It was an easy one. There was an .rtf file, which I opened in LibreOffice Writer.

By pressing Ctrl+A I selected all the text, then right-clicked and chose Paragraph - Text Body.

The flag appeared.

The flag was: niCeAnDEasy10018


Fe02


It was a PDF file with a black mark that hid some parts of the text. I opened it in Atril Document Viewer.

I was going to reverse the PDF, but I noticed something: when I highlighted text, it appeared.

So I simply selected the whole file and found the flag.
The flag was: n1CeReDaCTION-sureLYNot911081


Fe03

When I unzipped the challenge there was a password-protected flag.zip,
so I knew it was a simple password-cracking challenge.
Using zip2john I got the hash.
Then I used rockyou.txt to brute-force the password, and it succeeded.

The password was: q1w2e3r4t5y6. Using this password I was able to extract the text file.

The flag was: CraCKInGJ0b-67189


Fe04

It was a .log file, so I tried the first thing I could think of: the strings command with grep flag.

So I did that:

strings access.log | grep flag


And that was it, the flag appeared.

The flag was: nicESearChIng01812


FM01

It was a weird file. I used file to identify it, but it only reported a data file.

So I opened it in a hex editor to see the header.


The hex was similar to a binary file but the header was wrong,
so I fixed it by adding the right header.

Then I made the file executable and ran it to get the flag:

chmod +x file && ./file

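The header fix from FM01 can also be done as a scripted check instead of by hand in a hex editor. This is an added example, not the tool used in the writeup: it assumes the binary is an ELF executable (the writeup does not name the format), the function names are hypothetical, and the sample header is constructed.

```python
import struct
from typing import Optional

ELF_MAGIC = b"\x7fELF"

def looks_like_elf_after_magic(data: bytes) -> bool:
    """Validate the header fields that follow the 4 magic bytes."""
    if len(data) < 24:
        return False
    ei_class, ei_data, ei_version = data[4], data[5], data[6]
    # EI_CLASS: 1=32-bit, 2=64-bit; EI_DATA: 1=little, 2=big; EI_VERSION: 1
    if ei_class not in (1, 2) or ei_data not in (1, 2) or ei_version != 1:
        return False
    endian = "<" if ei_data == 1 else ">"
    e_type, _e_machine, e_version = struct.unpack_from(endian + "HHI", data, 16)
    # e_type 1..4 = relocatable, executable, shared object, core
    return e_type in (1, 2, 3, 4) and e_version == 1

def repair_elf_magic(data: bytes) -> Optional[bytes]:
    """Return data with a restored ELF magic, or None if it is not ELF-like."""
    if data[:4] == ELF_MAGIC:
        return data                      # header already valid
    if looks_like_elf_after_magic(data):
        return ELF_MAGIC + data[4:]      # overwrite only the 4 damaged bytes
    return None                          # refuse to "fix" an unrelated format

def build_sample_header() -> bytes:
    """Constructed 64-byte header of a 64-bit little-endian ET_EXEC file."""
    e_ident = ELF_MAGIC + bytes([2, 1, 1, 0]) + bytes(8)
    rest = struct.pack("<HHI", 2, 0x3E, 1)   # e_type, e_machine, e_version
    return (e_ident + rest).ljust(64, b"\x00")

if __name__ == "__main__":
    good = build_sample_header()
    damaged = b"\x00\x00\x00\x00" + good[4:]     # constructed: wiped magic
    fixed = repair_elf_magic(damaged)
    print("repaired:", fixed is not None and fixed[:4] == ELF_MAGIC)
    print("non-ELF input:", repair_elf_magic(b"%PDF-1.7\n".ljust(64, b" ")))
```

Checking the fields after the magic before rewriting it keeps the script from stamping an ELF header onto a file that is actually some other format.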



Sadly, we couldn't solve the last 2 forensics challenges (FM02, FH01).