Press "Enter" to skip to content

[TMCTF] – Analysis-offensive 100

Solution
Given Forensic_Encryption file. After have some analysis, found that it should be an zip file. So, change the first two bytes to 504B

The zip file contains three file(file_1, file_2, file_3).

 

file_1:

It seems like an jpg file. And after take a look at its bytes. i have found that a ascii string

Base64 decode it

 

file_2:

It is an zip file with password protected.

unzip it with password we have got in file1. And we got key.txt

 

file_3:

The file contains the ESP packets. It seems it can be decrypt by the information given in file_2.

We can see the decrypted packet now. And i found there are http packet contains the flag

But the flag are encrypted! After have some research. We found that it is encrypted by the navy m3/m4 enigma machine

So, we can simply decrypt it!

TMCTF{RISINGSUNANDMOON}

Comments

Be First to Comment

Leave a Reply

Your email address will not be published. Required fields are marked *