반응형 전체 글213 Securinets Prequals 2K19 Write-up (Easy Trade) This is a basic forensic question. This is my approach. I only used Wireshark Follow TCP Stream feature. Fortunately, the provided pcap file is not big so I skimmed every line. In the pcap file I found some clues for the flag. Between hosts exchanged the key and flag.txt is sent in a zip file. >> 50 40 03 04 is the signature for zip file I used the Follow TCP Stream function (Analyze >> Follow >.. 2019. 3. 24. TAMUctf '19 Write-up (I heard you like files) As we open the uploaded file, we can see below image. After I downloaded this file, I checked the hidden file itself by binwalk command. $ binwalk art.png DECIMAL HEXADECIMAL DESCRIPTION--------------------------------------------------------------------------------0 0x0 PNG image, 1920 x 1080, 8-bit/color RGBA, non-interlaced3408641 0x340301 PDF document, version: "1.5"3408712 0x340348 Zlib com.. 2019. 3. 24. TAMUctf '19 Write-up (Hello World) As we open the uploaded file, we can see a bunch of tabs and spaces. So I googled whitespace decoder on the Internet. And I got this website to decode whitespaces. >> https://vii5ard.github.io/whitespace/I simply copied and pasted the whitespaces part on the web and I got a below message.As we know we have to find a flag, however, it has nothing at all. Actually, I used this tool for the first t.. 2019. 3. 24. Pragyan CTF 19' Write-up / Welcome I tried this problem at first as its subject is welcome, however, I had a really hard time to solve this problem. My approach is as below. First, I assumed that it has a hidden message so I used steganography decoder right away. BUT, it has no hidden message. Afterward, I simply used fundamental forensics tools such as file and binwalk. 1) file command $ file welcome.jpeg welcome.jpeg: JPEG imag.. 2019. 3. 18. 이전 1 ··· 42 43 44 45 46 47 48 ··· 54 다음 반응형
