Security By Obscurity | Google CTF 2018

Google CTF 2018

Security By Obscurity

Reading the contents of the screenshot you find that some guy named “John” created the firmware for the OffHub router and stored it on an iDropDrive cloud share. You fetch it and find “John” packed the firmware with an unknown key. Can you recover the package key?

You can find my all CTF solution in here

 

When I download attachment I saw the zip file and when I extract zip file I notice this is  the recursive zip file therefore I write shell script code for extracting until no zip file remaning.

 

After run, shell script I found new compression type which is XZ

 

After that, I change .sh file for .xz type. And this changing compression type remain Until I found new.zip file with password protected.

 

I donwload rockyou.txt wordlist file from internet. Also you can find this CTF drive which is given link above. When I extract zip file I found password.txt and this contain password for CTF

CTF{CompressionIsNotEncryption}

 

 

 

Leave a Reply

Your email address will not be published. Required fields are marked *