MQCyberSec

MQCyberSec Logo

MQCyberSec
Back to Writeups

Fin 'n' find

by sealldev & finnersio
🚩 CTFs SecEdu CTF 2024 forensics
Fin 'n' find / SecEdu CTF 2024
Fin 'n' find

Description

One of the employees, Layton, has taken you aside, and is wondering if you can help fix a zip file that they broke. There seems to be some sensitive information hidden inside of it, we might as well have a look at this too (it's within scope) ;)

Original Writeup on seall.dev

We are given a zip files.zip.

I extract the zip’s data with 7z:

$ 7z x files.zip
7-Zip [64] 16.02 : Copyright (c) 1999-2016 Igor Pavlov : 2016-05-21
...

Scanning the drive for archives:
1 file, 258185 bytes (253 KiB)

Extracting archive: files.zip
WARNING:
files.zip
The archive is open with offset

--
Path = files.zip
Warning: The archive is open with offset
Type = zip
Physical Size = 258185

ERROR: Headers Error : random_files
                   
Sub items Errors: 1

Archives with Errors: 1

Sub items Errors: 1

It extracts to a random_files folder, with some errors.

I then run a basic grep -iR to recursively search all the files for the flag.

$ grep -iR 'SECEDU' .           
be32dd5e3b6c8748.txt:SECEDU{w04h!_th4t_w45_c0mpre55ing}

Well, all done!

Flag: SECEDU{w04h!_th4t_w45_c0mpre55ing}

Related Writeups

Chunked Integrity

This is one of my favorite images! Unfortunately something has gone wrong and I cant see the whole thing, can you help f ...

Just Packets

Here pcap. Find flag.

Keeping on Schedule

One of our computers on the company network had some malware on it. We think we cleared of the main payload however it c ...

Share this writeup

Contribute

Found an issue or want to improve this writeup?

Edit on GitHub