A disturbing lack of taste. Just another WordPress site

27Jan/142

PHD CTF Quals 2014 – lost and found part 2

After connecting to the SSH machine and inspecting the filesystem some interesting directories cames out in /var/cache/man/. After listed them all it seems that they contains huge amounts of files with random name. Listing them using the --color option we found out in /var/cache/man/cap5 that there is an executable SUID bitted.  Executing it turns out that its the tcpdump executable. Running it a lot of garbage packets comes out. Just filter them using "not port 22" and printing also the data of each packet:

/var/cache/man/cap5/a35c4b1e-c4bd-4599-9d7a-da601996862f -XX not port 22

Now just wait a bit and the flag should appear:  6470e394cbf6dab6a91682cc8585059b

Razor4x

Comments (2) Trackbacks (0)
  1. Hi, how did you have the idea to type ls -all –color ?
    I’m searching how they have hide the +s binary…
    Because with normal find command you can’t see it.
    Thanks for your answer.
    Dummys


Leave a comment

No trackbacks yet.