Sleuthkit Intro
Description
Download the disk image and use mmls on it to find the size of the Linux partition. Connect to the remote checker service to check your answer and get the flag.
Note: if you are using the webshell, download and extract the disk image into /tmp not your home directory.
Download disk image
Access checker program: nc saturn.picoctf.net 52279
Solving
- As mentioned in the challenge description we need to find out the length of the partition and when we found the length, we can connect to the app server and get the flag.
- When you have the length, you can use this script to connect and solve the challenge.
- You need to get the length on your own!
#!/usr/bin/env python
from pwn import *
context.log_level = 'critical'
host,port = "saturn.picoctf.net", 52279
print("Mr.Robot: Of course I can get the flag for you!")
length=input("Mr.Robot: Just tell me the length: \n> ")
try:
s = remote(host,port)
s.recvuntil(b"sectors:")
s.sendline(bytes(length,"latin-1"))
s.recvuntil(b"work!")
flag=s.recv().decode('utf-8')
except:
print("Mr.Robot: Oh no! Something went wrong... :-(")
s.close()
print("Mr.Robot: I know - I'am awesome... here is the flag!")
print("\t" + flag.strip())