Duy's Tinkerings

picoCTF 2022 | Sleuthkit Apprentice Write-up

Challenge description

Download this disk image and find the flag. Note: if you are using the webshell, download and extract the disk image into /tmp not your home directory.

Download compressed disk image

Category: Forensics

Solution

Having downloaded the file, I used binwalk -e to extract the disk image.

Navigating to the extracted directory, I first attempted grep -r pico to try and find a flag, but no dice.

Perhaps a different term could work? Let’s try flag.txt instead.

That’s a hit!

Knowing the file’s location, I just had to navigate there and obtain the flag

Leguminosae

April 20, 2022

ctf, picoCTF, picoCTF 2022

forensics, picoCTF, picoCTF 2022

Leave a Reply Cancel reply

Enter your comment here…

Fill in your details below or click an icon to log in:

Email (required) (Address never made public)

Name (required)

Website

You are commenting using your WordPress.com account. ( Log Out / Change )

You are commenting using your Twitter account. ( Log Out / Change )

You are commenting using your Facebook account. ( Log Out / Change )

Cancel

Connecting to %s

picoCTF 2022 | Sleuthkit Apprentice Write-up

Challenge description

Solution

Share this:

Like this:

Leave a Reply Cancel reply