c0c0n XI DomeCTF Write-Up: GERMANY (Team RedRaptor)

Arjun Shanker
Oct 8, 2018 · 2 min read

Here’s our story towards the Second Position. In this write-up I will focus on how we captured GERMANY during the day-long, challenging CTF race organized by AppFabs and Kerala Police Cyberdome, which gave us a sleepless night. :)

  1. GERMANY:

Our next country to capture was GERMANY.

We are sure about his involvement in the crime. But we need proof.!! I think you can help us! -https://we.tl/t-wq3Xqn5WcQ –

Crime… Yay, it’s forensics.

The link led us to a 7z archive, ctf0–2.raw.7z, a 297 MB file that took some time to download!

We extracted the archive and got file.raw.

So now it’s time to do some forensics. We used Volatility (vol.py), an advanced memory forensics framework, to dig into the raw file.


Once we had the profile information, we used Volatility to dump the embedded files and found a password-protected flag.txt.


OK. We are at the door of Germany, and now we need the key to open the door to the flag.

Let’s see what’s in the clipboard.


Let’s try this password… BINGO. Yes, it is :D and that’s how we captured Germany.

domectf{ILko4kCKG6Bo4qtTnm7gm4gR1QhmDWUN}
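
The steps above as commands, in an added example that is not from the original post (its screenshots did not survive). `imageinfo`, `filescan`, `dumpfiles` and `clipboard` are real Volatility 2 plugins, but which ones the team actually ran is an assumption, as are the profile placeholder, the `dump/` directory and the constructed `filescan` sample used for the demo.

```shell
#!/bin/sh
# Added example (not from the original write-up). Volatility 2 syntax.
IMAGE="file.raw"                  # extracted memory image (name from the write-up)
PROFILE="PROFILE_FROM_IMAGEINFO"  # placeholder: the write-up does not state the profile
OUTDIR="dump/"                    # hypothetical output directory

# Constructed sample of `filescan` output (offsets and paths are made up).
SAMPLE_FILESCAN='Offset(P)            #Ptr   #Hnd Access Name
------------------ ------ ------ ------ ----
0x000000003e0a1c10      2      0 RW-rw- \Device\HarddiskVolume2\Users\user\My Documents\notes.docx
0x000000003f5d2a70      1      0 R--r-- \Device\HarddiskVolume2\Users\user\Desktop\flag.txt.lnk
0x000000003fa3ebc0      1      0 R--r-- \Device\HarddiskVolume2\Users\user\Desktop\flag.txt'

# find_offsets NAME: read filescan output on stdin and print the physical
# offset of every file object whose path ends in \NAME (case-insensitive).
# Matching on the path suffix copes with spaces in paths and skips near
# misses such as flag.txt.lnk.
find_offsets() {
  awk -v name="$1" '
    $1 ~ /^0x[0-9a-fA-F]+$/ {
      line = tolower($0)
      want = "\\" tolower(name)
      if (substr(line, length(line) - length(want) + 1) == want) print $1
    }'
}

# dump_cmds NAME: turn each matching offset into the dumpfiles command that
# extracts that file object from the image.
dump_cmds() {
  find_offsets "$1" | while read -r off; do
    printf 'vol.py -f %s --profile=%s dumpfiles -Q %s -D %s\n' \
      "$IMAGE" "$PROFILE" "$off" "$OUTDIR"
  done
}

# run_triage: the full sequence against a real image (needs vol.py on PATH).
run_triage() {
  vol.py -f "$IMAGE" imageinfo                                     # 1. suggested profiles
  mkdir -p "$OUTDIR"
  vol.py -f "$IMAGE" --profile="$PROFILE" filescan > filescan.txt  # 2. file objects
  dump_cmds flag.txt < filescan.txt | sh                           # 3. extract flag.txt
  vol.py -f "$IMAGE" --profile="$PROFILE" clipboard                # 4. clipboard contents
}

# Demo on the constructed sample; prints one dumpfiles command.
printf '%s\n' "$SAMPLE_FILESCAN" | dump_cmds flag.txt
```

Set `PROFILE` to one of the profiles `imageinfo` suggests before calling `run_triage`.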

Yeah!! We were the runners-up in the CTF challenge, and congrats to Gem and Sreelakshmy from the RedX team for making it to the top.

A great loud thanks to my teammate Joseph Nygil and special thanks to Chetan, Sreehari and Rakesh S.
