Wei's

PicoCTF - Sleuthkit Intro

26 Sep 2022 picoCTF 

Challenge

Tags

PicoCTF 2021 / Forensics / sleuthkit

Description

Description Download the disk image and use mmls on it to find the size of the Linux partition. Connect to the remote checker service to check your answer and get the flag. Note: if you are using the webshell, download and extract the disk image into /tmpnot your home directory.

Prereguisite

mmls, which is a tool of sleuthkit used to display the partition layout of a volume system (partition tables).

Writeup

  1. Download the file. 
        
 wget https://artifacts.picoctf.net/c/114/disk.img.gz
  2. Unzip. 
        
 gzip -d disk.img.gz
  3. Display the partition layout of a volume system (partition tables). 
        
 mmls disk.img
  4. nc saturn.picoctf.net 52279 and input 202752.
  5. Here’s flag ! picoCTF{mm15_f7w!} ٩(^ᴗ^)۶

Related posts

Archive

solidity picoCTF Go ethernaut linux blockchain sql react smart-contract typescript solana javascript java ethereum css Linux zsh ubuntu next.js jekyll hardhat golang ethers Secureum Rust web wallet vscode truffle shell rpc notion notes nodejs nextjs mocha html github git geth express eslint docker cloudflare Vim DSA