DEFCON 18 CTF Forensics 100(f100) writeup
問題文: Find the key
超訳:キーをみつけて。
問題ファイルが何かを確認。
pentest@pubuntu:~/ctf/forensic100$ file f100_6db079ca91c4860f.bin
x86 boot sectorでだそうです。
f100_6db079ca91c4860f.bin: x86 boot sector; partition 1: ID=0x7, starthead 0, startsector 31,
31558 sectors, extended partition table (last)\011, code offset 0x0
ファイルの先頭を確認します。
pentest@pubuntu:~/ctf/forensic100$ hexdump -C f100_6db079ca91c4860f.bin | head
00000000 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
*
000001c0 01 01 07 00 df fa 1f 00 00 00 46 7b 00 00 00 00 |..........F{....|
000001d0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
*
000001f0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 55 aa |..............U.|
00000200 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
*
00003e00 eb 52 90 4e 54 46 53 20 20 20 20 00 02 08 00 00 |.R.NTFS .....|
00003e10 00 00 00 00 00 f8 00 00 3f 00 ff 00 1f 00 00 00 |........?.......|
Continue reading