Opening the challenge we are greeted with the following description:
Thor has been staring at this for hours and he can't make any sense out of it, can you help him figure out what it is? thor.txt
Download the file with wget and since its proposed as .txt lets try to more it:
mv thor_7101f3b9690d5dc6c3afefa49d82e0526b278ec1c564139369ad22c28721d4cf.txt thor
more thor
00000000: 4c5a 4950 01b3 007f b61b edf0 8440 58e3 LZIP.........@X.
00000010: 91de 1027 5861 8a67 4282 46a4 92f9 4cad ...'Xa.gB.F...L.
00000020: 2d5d 14eb 3099 2c31 01c2 d13a 74d2 c620 -]..0.,1...:t..
00000030: de27 3a8f fa92 0644 5468 2d02 01fa 24bb .':....DTh-...$.
00000040: 719f a0fd a191 1678 8bff a2c4 2627 9871 q......x....&'.q
00000050: 83bf cff2 f8af 99fa c465 2b7c 6bdf ee3c .........e+|k..<
00000060: b71b f61b 0b5e 0ce7 d14f f6a8 0466 6470 .....^...O...fdp
00000070: de67 02da 7be1 1abd e9f0 ac87 131a bcc0 .g..{...........
00000080: 0b0b 9f31 9400 48e3 616a 8f3f 4804 79ad ...1..H.aj.?H.y.
00000090: a6bb 863a f641 01da b1ee c4fe b338 9289 ...:.A.......8..
000000a0: 2a90 8302 4170 773c 88d3 2641 d274 f533 *...Apw<..&A.t.3
000000b0: 84cf e7d9 f687 3b12 1516 970e 04c2 cfdd ......;.........
000000c0: c1ca dc46 981d 2a7c 1b39 cb0b 4f8c 58cc ...F..*|.9..O.X.
000000d0: 46b4 9744 4cb1 fbd3 c632 f36d ecbf 4789 F..DL....2.m..G.
000000e0: 00b8 d4fc 51a8 394e de2a 1a2d 3c43 179c ....Q.9N.*.-<C..
000000f0: 9623 f971 2935 9564 9e15 c771 c3d5 d8b1 .#.q)5.d...q....
00000100: a7fa 3c0c f869 b829 f6d6 f145 6d57 b3a1 ..<..i.)...EmW..
00000110: bd3f 3fc2 a41f 7e35 089c de29 1d55 debf .??...~5...).U..
00000120: 5400 c548 5c02 cd6c f853 e3e6 56b2 e395 T..H\..l.S..V...
00000130: 29d8 3985 d307 d46e 854c 4987 aab8 a5cb ).9....n.LI.....
00000140: 2fea 6b20 6d24 34b3 a2a3 c8e4 247c 6681 /.k m$4.....$|f.
00000150: 51db 7851 752e 4186 2db9 01ae 39ae fed0 Q.xQu.A.-...9...
00000160: 7a77 a8e7 82b2 c78c 272b e621 44d2 03a3 zw......'+.!D...
00000170: f3fb adf9 18b4 681a e4e4 5b17 3c66 128c ......h...[.<f..
00000180: f544 4124 0083 6db4 0e6b be29 2142 16b7 .DA$..m..k.)!B..
00000190: dd6e 9b78 26a6 71b1 2ec2 dfce 2d6e 8d01 .n.x&.q.....-n..
000001a0: 1786 d101 f184 a798 b0eb c3c8 8a0c a867 ...............g
000001b0: 34e7 0c71 c350 722e e1be 9913 cfb3 a6bf 4..q.Pr.........
000001c0: aa79 8eeb 8df6 02b1 e541 e0ed d3a1 ca85 .y.......A......
000001d0: 469d 0589 99ab 2e77 e388 0180 c7e4 83e8 F......w........
...
Ok..
We got a file with a clear text hexdump in it. More precisely a hexdump of a lzip file as per the magic numbers.
At this point I wondered if xxd has an option to turn a hexdump into a file. So far I have mostly used xxd to examine the hexdump of different files.
It took a single google to find that xxd has -r option. Putting the hex dump back to a file:
cat thor | xxd -r > thorfile
We've got our thorfile which is presumably an lzip file. Lets try to decompress that file:
lzip -d thorfile
This will give us a file: thorfile.out by all logic, we are now in posession of an unzipped file, lets look at the beginning of a hexdump to see what are we dealing with:
00000000: ffd8 ffe0 0010 4a46 4946 0001 0101 0048 ......JFIF.....H
That's all we need thx!
xdg-open thorfile.out
And we are greeted with the flag:
This flag was very easy, everything was straight forward for me. The learning happening with this was the fact that you can put valid hex dumps back into binaries.
Ei kommentteja:
Lähetä kommentti