Google CTF 2018
Security By Obscurity
Reading the contents of the screenshot you find that some guy named “John” created the firmware for the OffHub router and stored it on an iDropDrive cloud share. You fetch it and find “John” packed the firmware with an unknown key. Can you recover the package key?
You can find my all CTF solution in here
When I download attachment I saw the zip file and when I extract zip file I notice this is the recursive zip file therefore I write shell script code for extracting until no zip file remaning.
1 2 3 4 5 6 7 8 9 10 11 12 |
#! /bin/bash unzip -o -qq zipfile.ZIP while [ 1 ]; do ls | grep -v "zip" | grep -v "ZIP$" | grep -v "security_by_obscurity.sh" | while read line; do mv $line $line.zip unzip $line.zip done done |
After run, shell script I found new compression type which is XZ
After that, I change .sh file for .xz type. And this changing compression type remain Until I found new.zip file with password protected.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 |
#! /bin/bash unzip -o -qq zipfile.ZIP while [ 1 ]; do #ls | grep -v "zip" | grep -v "ZIP$" | grep -v "security_by_obscurity.sh" | while read line; #do # mv $line $line.zip # unzip $line.zip #done #mv new new.xz #unxz new.xz #mv new new.bz2 #bunzip2 new.bz2 mv new new.gz gunzip new.gz done |
I donwload rockyou.txt wordlist file from internet. Also you can find this CTF drive which is given link above. When I extract zip file I found password.txt and this contain password for CTF
CTF{CompressionIsNotEncryption}