InfoSec Institute – CTF Level 8

This is a walkthrough on Level 8 of InfoSec Institute’s CTF challenge. The challenge begins by asking if you’d like to download “app.exe”. Since I’m not about to run an untrusted *.exe file (and I’m on Linux anyway), I decided to open it up in emacs. The flags follow a common format, so performing a string search can’t hurt:

Screenshot from 2015-03-22 17:21:41

Well, that was easy.

This can also be done with the strings command, which prints strings of printable characters. Binary files do have quite a few readable characters, so combining strings with grep shouldn’t hurt (the -i flag means case-insensitive search):

strings app.exe | grep -i infosec

Gives the output:

Screenshot from 2015-03-22 17:27:40

 

 

 

InfoSec Institute – CTF Level 8

Leave a Reply