The Archive Writeup

VEEXH · Published in The Sleuth Sheet · 4 min read · Dec 17, 2022
https://hacktoria.com/contracts/the-archive/

PROLOGUE

It was a dark and stormy night when the FBI agents arrived at the warehouse. They had received a tip that the building was being used as a hub for illegal hacking activities.

As they approached the warehouse, they could see that the windows were covered and the door was guarded by a burly man with a stern expression.

One of the agents stepped forward and flashed his badge. “FBI,” he said. “We have a warrant to search this facility.”

The guard hesitated for a moment before reluctantly stepping aside. The agents pushed open the door and stormed into the warehouse, their guns drawn.

Inside, they found row upon row of servers humming with activity. There were dozens of people working at the computers, their faces illuminated by the glow of the screens.

The agents quickly moved in and began arresting the hackers, shouting commands and cuffing them as they went. One of the hackers tried to resist, but he was quickly subdued by the agents.

As the arrests were made, the agents searched the servers and found evidence of countless illegal activities, from identity theft to cyber espionage. It was clear that this warehouse had been the hub of a major criminal operation.

Finally, with all of the suspects in custody, the agents gathered up the evidence and prepared to leave. It had been a successful raid, and they knew that they had made a significant dent in the world of cybercrime.

MISSION BRIEFING

Greetings Special Agent K. As you might know, the end of the year is always signified with a massive uptick in cyber attacks. Particularly DDoS and Ransomware attacks are commonplace during this time of the year. It’s also the time of the year for agencies worldwide to crack down on the criminal enterprises destroying the downtime of IT personnel everywhere.

Our good friends over at the FBI have done just that. Yesterday morning around 0400 UTC they were able to seize a warehouse full of C2 servers, crypto miners and an entire scam call-center rolled into one.

During this bust, several laptops of key individuals were confiscated. There was however one laptop of which the owner was able to wipe the disk, right as the raid was happening. The FBI was able to recover most of the files, but is left puzzled at several of them.

You might already feel this one coming. One of these archives was sent our way to be investigated. Find out what you can about the file inside the archive. It seems to have been damaged beyond the point of recovery, but the FBI has hopes our best and brightest can uncover something.

As always, Special Agent K. The contract is yours, if you choose to accept.

INSTRUCTIONS

The password starts with “flag-”

MD5 Checksum for The Archive: 2625ae7c180080e580551347831362d7

METHODOLOGY

  • Download The Archive and extract the file
  • Input the file name psvoxkwmo8mm into dcode.fr and choose the CIPHER DISK/WHEEL option from the results table to the left
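
What the cipher disk step does, as an added example that is not part of the original writeup: a disk is a rotation of the alphabet, so the sketch below tries all 26 rotations of the file name and keeps the ones containing a hint word. The hint list and the choice to pass digits through unchanged are assumptions; the page does not say how the disk it used maps non-letters.

```python
import string

ALPHABET = string.ascii_lowercase

# Constructed hint list (an assumption): fragments likely in a file or host name.
HINT_WORDS = ("file", "name", "flag", "pass", "arch")


def rotate(text: str, shift: int) -> str:
    """Turn the inner disk back by `shift` places.

    Only a-z are rotated. Digits and symbols pass through unchanged, because
    the page does not say how the disk it used maps them (assumption).
    """
    out = []
    for ch in text.lower():
        if ch in ALPHABET:
            out.append(ALPHABET[(ALPHABET.index(ch) - shift) % len(ALPHABET)])
        else:
            out.append(ch)
    return "".join(out)


def score(candidate: str) -> int:
    """Sum the lengths of the hint words found in the candidate."""
    return sum(len(word) for word in HINT_WORDS if word in candidate)


def rank_rotations(ciphertext: str, top: int = 3) -> list[tuple[int, str]]:
    """Try all 26 rotations and return the best-scoring (shift, plaintext) pairs."""
    candidates = [(shift, rotate(ciphertext, shift)) for shift in range(len(ALPHABET))]
    hits = [(shift, text) for shift, text in candidates if score(text) > 0]
    hits.sort(key=lambda pair: (-score(pair[1]), pair[0]))
    return hits[:top]


if __name__ == "__main__":
    # File name exactly as printed in the writeup.
    for shift, text in rank_rotations("psvoxkwmo8mm"):
        print(f"rotation {shift:2d}: {text}")
```

On the name as printed above, rotation 10 is the only hit and gives `filenamce8cc`: the letters line up with the `filename.cc` the writeup reports apart from one extra character, and the `8` sits where the dot appears.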

Do not rename the file to filename.cc. In terms of file extensions, .cc is a C++ source code file, and that doesn’t progress the contract. A good step when lost or confused about what to do next is to use Google, but I had a better idea and decided to use ChatGPT.

ChatGPT response

The .cc is in fact a TLD (Top-Level Domain), and inputting filename.cc into a web browser downloads a zip file. The zip file passarch-mf28fukn2vh723f2 contains a file named password-the-archive, which contains the password to the flag file.

flag-gh32398D#C*$C#)*$V3405hv3j524952 : PASSWORD

CONTRACT CARD
