[電安CSP] 2015 TWedu CTF Eve writeup

1
2
3
4
5
Description
  You sniffed some tcp streams from Snoopy. Can you find the secrets?
Hint
  1. HTTP content usually is compressed, try to decompress it.
  2. wrong password!? Something will be wrong. Have you checked everything is correct?

你會先得到一個封包檔,大致上掃過一次之後就打算 Export HTTP Object 出來,看起來有個 zip 檔跟一個網頁,把網頁打開就會得到第一把 flag

CTF{y0u_c4n_533_7h15_p463!y0u_4r3_7h3_pc4p_k1n6!!}

底下有關於 flag2 的提示

1
2
3
4
5
6
Here is a encrypted gift to Snoopy.
password: This_is_the_passwr0d_of_zip_it_is_not_the_flag_2
md5: 19dc2819a12d1f5863ddabe36ce7079f
par2: 
	gift.zip.par2: cbf77a48e816d892ee3217ce896fd0e5
	gift.zip.vol0+3.par2: 611f6b8b418899e806fbc1d0a78c7c96

剩下三個檔案分別是 gift.zipgift.zip.par2gift.zip.vol0+3.par2

原本你拿到的 gift.zip 檔案的 md5 跟網頁上面給的 md5 是不一樣的,所以這個 zip 檔案應該是損毀的,然後 par2 副檔名基本上是用來修復 zip 檔案的,在網路上找個像是 QuickPar 的程式就可以將 gift.zip 檔修復打開

然後 gift.zip 的密碼在網頁上面有 This_is_the_passwr0d_of_zip_it_is_not_the_flag_2這樣就可以順利拿到第二把 flag 了 \0w0/

CTF{y0u_c4n_u53_par2_to_r3c0v3r_7h3_br0k3n_f1l3_n0w}

Page View
⬆︎TOP