Operation Orchid
Last updated
Was this helpful?
Last updated
Was this helpful?
Download this disk image and find the flag. Note: if you are using the webshell, download and extract the disk image into /tmp
not your home directory.
()
We can decompress the disk image with gunzip disk.flag.img.gz
and then mount it with sudo kpartx -av disk.flag.img
.
In the mounted volume, there is a file /root/flag.txt.enc
and .ash_history
. Looking at .ash_history
we see the following:
So, it looks like flag.txt.enc
was encrypted and salted using aes256 with key unbreakablepassword1234567
.
We can decrypt the flag.txt.enc
and print the flag with openssl aes256 -d -salt -in flag.txt.enc -out flag.txt -k unbreakablepassword1234567; cat flag.txt
(notice the additional -d
option).
picoCTF{h4un71ng_p457_0a710765}