Solution author: https://twitter.com/1337Moldova
Description: Find the secret John had stolen. Flag looks like:
This was probably the easiest challenge during InfoSec Meetup CTF. We got
johnspc.img.gz, which a GZIP arhive.
gunzip the file and see what's inside. Do not forget to make a backup copy :))
Looks like we got an 1GB filesystem image file. Well, there is nothing else we can do except:
- Mount it right away;
- Analyze with
mountright away :D;
Once image is mounted we can see a bunch of directories and files.
In order to unzip
the_secret.zip file, we need the password to it. After several trials, looks like the password is in the hidden
.password.wav file. Password is: 13371337133713
And the extracted file is a PDF, containing the flag: