Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- 1. IRC Checking
- - Go to IRC: #hitbxctf2018 and get flag.
- HITBXCTF{W3lcome_To_HITBXCTF_2018_Online_Qualifications}
- 2. pix
- Try with many tool, and have:
- $ zsteg aee487a2-49cd-4f1f-ada6-b2d398342d99.SteinsGate
- /usr/lib/ruby/2.3.0/open3.rb:199: warning: Insecure world writable dir /mnt/c/ProgramData/Oracle/Java in PATH, mode 040777
- imagedata .. text: " !#865 "
- b1,r,msb,xy .. text: "y5b@2~2t"
- b1,rgb,lsb,xy .. file: Keepass password database 2.x KDBX
- b2,r,msb,xy .. text: "\rP`I$X7D"
- b2,bgr,lsb,xy .. text: "b;d'8H~M"
- b4,g,msb,xy .. text: ";pTr73& dvG:"
- After, get file KDBX with zsteg:
- $ zsteg aee487a2-49cd-4f1f-ada6-b2d398342d99.SteinsGate -E b1,rgb,lsb,xy > test.kdbx
- But file test.kdbz can't open because i don't have password.
- A long time after, i try brute force with rockyou.txt but not good?
- Are you kidding me?
- With hint:
- pix and password
- weak password!
- lower casee letters and number
- len(password) == 10
- hitb + number
- Use John the Ripper, i get password: hitb180408
- Wow, get flag so easy: HITB{p1x_aNd_k33pass}
Add Comment
Please, Sign In to add comment