Duy's Tinkerings

picoCTF 2022 | Sleuthkit Intro Write-up

Challenge description

Download the disk image and use mmls on it to find the size of the Linux partition. Connect to the remote checker service to check your answer and get the flag. Note: if you are using the webshell, download and extract the disk image into /tmp not your home directory.

Download disk image
Access checker program: nc saturn.picoctf.net 52279

Category: Forensics

Solution

As always, we start by downloading and decompressing the file. I used wget and gzip -d for these tasks.

Next, following the challenge’s description, I used the mmls disk.img to check for the size of the linux partition.

Looks like it’s 202752

Give that number to the checker program for the flag

Leguminosae

April 9, 2022

ctf, picoCTF, picoCTF 2022

forensics, picoCTF, picoCTF 2022

Leave a Reply Cancel reply

Enter your comment here…

Fill in your details below or click an icon to log in:

Email (required) (Address never made public)

Name (required)

Website

You are commenting using your WordPress.com account. ( Log Out / Change )

You are commenting using your Twitter account. ( Log Out / Change )

You are commenting using your Facebook account. ( Log Out / Change )

Cancel

Connecting to %s

picoCTF 2022 | Sleuthkit Intro Write-up

Challenge description

Solution

Share this:

Like this:

Leave a Reply Cancel reply