What is it? @.@

Here is the place where I record some tactics about wargame, systems, and other security issues.

2013-06-08

Bright Shadows - Special 7: "Filetypes" [made by Saemon]

Description:

Download the file and follow the instructions in it.
Download the challenge
_______________    _________
|enter solution|  |Check it!|

Solution:
  1. First of all, download the file named filetypes.zip to your computer.
    sp@simple-plan:~$ wget http://www.bright-shadows.net/challenges/special_filetypes/filetypes.zip
  2. Extract it, and read the readme.txt file.
    sp@simple-plan:~$ unzip filetypes.zip -d filetypes
    sp@simple-plan:~$ cd filetypes/
    sp@simple-plan:~/filetypes$ cat readme.txt
    Filetypes Challenge by Saemon for www.bright-shadows.net
    ========================================================

    Just get the password for each part then put the passes together and extract the final file with the solution.

    Don't try to bruteforce the final part - the password is very long.
  3. Now we should follow the instructions to identify the files.
    sp@simple-plan:~/filetypes$ ll
    total 36
    drwxrwxr-x 8 sp sp 4096 Jun 8 06:00 ./
    drwxr-xr-x 51 sp sp 4096 Jun 8 06:00 ../
    drwx------ 2 sp sp 4096 Jan 3 2004 Final Part/
    drwx------ 2 sp sp 4096 Jan 3 2004 Part 1/
    drwx------ 2 sp sp 4096 Jan 3 2004 Part 2/
    drwx------ 2 sp sp 4096 Jan 3 2004 Part 3/
    drwx------ 2 sp sp 4096 Jan 3 2004 Part 4/
    drwx------ 2 sp sp 4096 Jan 3 2004 Part 5/
    -rw------- 1 sp sp 313 Jan 3 2004 readme.txt
  4. Below is the result of first step.
    sp@simple-plan:~/filetypes$ file "Part 1/file"
    Part 1/file: PC bitmap, Windows 3.x format, 381 x 281 x 1
    sp@simple-plan:~/filetypes$ file "Part 2/part2"
    Part 2/part2: Zip archive data, at least v1.0 to extract
    sp@simple-plan:~/filetypes$ file "Part 3/part3"
    Part 3/part3: PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed, RAR self-extracting archive
    sp@simple-plan:~/filetypes$ file "Part 4/thefile"
    Part 4/thefile: RAR archive data, v1d, os: Win32
    sp@simple-plan:~/filetypes$ file "Part 5/PART5"
    Part 5/PART5: # ISO 9660 CD-ROM filesystem data '20040103_0853'
  5. We can append the appropriate file extensions to the files for passing this challenge.
    sp@simple-plan:~/filetypes$ mv "Part 1/file" "Part 1/file.bmp"
    sp@simple-plan:~/filetypes$ mv "Part 2/part2" "Part 2/part2.zip"
    sp@simple-plan:~/filetypes$ mv "Part 3/part3" "Part 3/part3.rar"
    sp@simple-plan:~/filetypes$ mv "Part 4/thefile" "Part 4/thefile.rar"
    sp@simple-plan:~/filetypes$ mv "Part 5/PART5" "Part 5/PART5.iso"
  6. Let's fetch the password from each part.
  7. Part 1:
    Open file.bmp and you will see the image like below.

    Of course, we got the password of this part. -> firstpart
  8. Part 2:
    Unzip part2.zip and we'll get another file named file. Like always, we use file command to identify it.
    sp@simple-plan:~/filetypes/Part 2$ unzip part2.zip
    Archive: part2.zip
    extracting: file

    sp@simple-plan:~/filetypes/Part 2$ file file
    file: GIF image data, version 89a, 381 x 281

    Okay, it's the same trick. We append .gif to the file and we will see the image like below.

    The password of this part -> zipit
  9. Part 3:
    Unrar part3.rar and we'll get another file named part3. Like always, we use file command to identify it.
    sp@simple-plan:~/filetypes/Part 3$ unrar x part3.rar

    UNRAR 4.00 beta 3 freeware Copyright (c) 1993-2010 Alexander Roshal

    Extracting from part3.rar

    Extracting part3 OK
    All OK

    sp@simple-plan:~/filetypes/Part 3$ file part3
    part3: JPEG image data, JFIF standard 1.01

    Again, we append the .jpeg to the file and check the image.

    We got this password. -> selfextracting
  10. Part 4:
    Unrar part4.rar and we'll get another file named thefile. Like always, we use file command to identify it and append a appropriate extension to it.
    sp@simple-plan:~/filetypes/Part 4$ unrar x thefile.rar

    UNRAR 4.00 beta 3 freeware Copyright (c) 1993-2010 Alexander Roshal

    Extracting from thefile.rar

    Extracting thefile OK
    All OK

    sp@simple-plan:~/filetypes/Part 4$ file thefile
    thefile: Rich Text Format data, version 1, ANSI
    sp@simple-plan:~/filetypes/Part 4$ mv thefile thefile.rtf

    Open it with office or document software.

    We got the password. ->part4rulez
  11. Part 5:
    This is an ISO file, you can use virtual disk to mount it. But I choose 7-zip to fetch the file from it.

    sp@simple-plan:~/filetypes/Part 5$ 7z e PART5.iso

    7-Zip [64] 9.20 Copyright (c) 1999-2010 Igor Pavlov 2010-11-18
    p7zip Version 9.20 (locale=en_US.UTF-8,Utf16=on,HugeFiles=on,4 CPUs)

    Processing archive: PART5.iso

    Incorrect big-endian headers
    Extracting solution

    Sub items Errors: 1

    sp@simple-plan:~/filetypes/Part 5$ file solution
    solution: Targa image data - Map 567 x 280

    You can open .tga file with image viewer in linux, or install image processing software like GIMP to view it. Below is the image content.

    We got the password. ->justtoeasy
  12. Final Part:
    Use the password equals to "firstpartzipitselfextractingpart4rulezjusttoeasy" to extract the image which contains the answer from final.zip.

    sp@simple-plan:~/filetypes/Final Part$ unzip -P "firstpartzipitselfextractingpart4rulezjusttoeasy" final.zip
    Archive: final.zip
    inflating: Unbenannt.GIF

    Open the image file named "Unbenannt.GIF" and you will get the answer.

Posted by at Labels: , ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)