PicoCTF – Writeup Darkstar - 2013

<div style="box-sizing: border-box; font-family: 'Segoe UI', 'Lucida Grande', 'Helvetica Neue', sans-serif; font-size: 15px;"> Đây là 1 bài forensic khá cơ bản.<br style="box-sizing: border-box;" />khi mount file ảnh ta thấy rằng là không có file đại loại như key flag, vậy secret nó giấu ở đâu ?<br style="box-sizing: border-box;" /><a href="http://www.uns.vn/wp-content/uploads/2013/05/snapshot47.png" style="-webkit-transition: all 0.5s ease-out; border-bottom-color: transparent; border-bottom-style: dotted; border-bottom-width: 2px; box-sizing: border-box; color: #0090d3; text-decoration: none; transition: all 0.5s ease-out;"><img alt="snapshot47" class="alignnone size-medium wp-image-143" height="176" src="http://www.uns.vn/wp-content/uploads/2013/05/snapshot47-300x176.png" style="border: 1px solid rgb(221, 221, 221); box-sizing: border-box; display: block; height: auto; max-width: 100%; padding: 7px; width: auto;" width="300" /></a><br style="box-sizing: border-box;" />sau khi tìm kiếm thì mình quyết định xem file img bằng trình hex editor, ở đây thì mình thấy<br style="box-sizing: border-box;" /><a href="http://www.uns.vn/wp-content/uploads/2013/05/snapshot48.png" style="-webkit-transition: all 0.5s ease-out; border-bottom-color: transparent; border-bottom-style: dotted; border-bottom-width: 2px; box-sizing: border-box; color: #0090d3; text-decoration: none; transition: all 0.5s ease-out;"><img alt="snapshot48" class="alignnone size-medium wp-image-144" height="161" src="http://www.uns.vn/wp-content/uploads/2013/05/snapshot48-300x161.png" style="border: 1px solid rgb(221, 221, 221); box-sizing: border-box; display: block; height: auto; max-width: 100%; padding: 7px; width: auto;" width="300" /></a><br style="box-sizing: border-box;" />trong file img có chứa 1 file là <strong style="box-sizing: border-box;">key.png</strong> mà mount vào thì không có thì chắc đây là file bị xóa, và mình sẽ recover lại.<br style="box-sizing: border-box;" />sử dụng tools recover ,rất đơn giản sau vài giây là mình đã có được flag <img alt=":D" class="wp-smiley" src="http://www.uns.vn/wp-includes/images/smilies/icon_biggrin.gif" style="border: 1px solid rgb(221, 221, 221); box-sizing: border-box; display: inline; height: auto; max-width: 100%; padding: 7px; width: auto;" /><br style="box-sizing: border-box;" /><a href="http://www.uns.vn/wp-content/uploads/2013/05/snapshot49.png" style="-webkit-transition: all 0.5s ease-out; border-bottom-color: transparent; border-bottom-style: dotted; border-bottom-width: 2px; box-sizing: border-box; color: #0090d3; text-decoration: none; transition: all 0.5s ease-out;"><img alt="snapshot49" class="alignnone size-medium wp-image-145" height="201" src="http://www.uns.vn/wp-content/uploads/2013/05/snapshot49-300x201.png" style="border: 1px solid rgb(221, 221, 221); box-sizing: border-box; display: block; height: auto; max-width: 100%; padding: 7px; width: auto;" width="300" /></a></div> <div style="box-sizing: border-box; font-family: 'Segoe UI', 'Lucida Grande', 'Helvetica Neue', sans-serif; font-size: 15px;"> <strong style="box-sizing: border-box;">Flag:</strong><br style="box-sizing: border-box;" /><a href="http://www.uns.vn/wp-content/uploads/2013/05/f0006146.png" style="-webkit-transition: all 0.5s ease-out; border-bottom-color: transparent; border-bottom-style: dotted; border-bottom-width: 2px; box-sizing: border-box; color: #0090d3; text-decoration: none; transition: all 0.5s ease-out;"><img alt="f0006146" class="alignnone size-full wp-image-146" height="56" src="http://www.uns.vn/wp-content/uploads/2013/05/f0006146.png" style="border: 1px solid rgb(221, 221, 221); box-sizing: border-box; display: block; height: auto; max-width: 100%; padding: 7px; width: auto;" width="192" /></a></div>

PicoCTF – Writeup Darkstar - 2013

Đây là 1 bài forensic khá cơ bản. khi mount file ảnh ta thấy rằng là không có file đại loại như key flag, vậy secret nó giấu ở đâu ? sau kh...

Read more »

For100 - KmaCTF

<div style="color: #141414; font-family: Arial, Tahoma, 'Trebuchet MS', Helvetica, sans-serif; font-size: 13px; line-height: 20px; padding: 0px;"> Đây là đề bài for100 và các bạn có thể down file tại đây: https://app.box.com/s/vinorlprn6rq3qahv9wl</div> <div style="color: #141414; font-family: Arial, Tahoma, 'Trebuchet MS', Helvetica, sans-serif; font-size: 13px; line-height: 20px; padding: 0px;"> <img alt="" class="bbCodeImage" data-mce-src="http://i.imgur.com/Nq4x86x.png" src="http://i.imgur.com/Nq4x86x.png" style="border: 0px; max-width: 100%;" /></div> <div style="color: #141414; font-family: Arial, Tahoma, 'Trebuchet MS', Helvetica, sans-serif; font-size: 13px; line-height: 20px; padding: 0px;"> Bài này thật sự là rất đáng tiếc vì lúc thi mình không nghĩ ra bài này :( . Lúc về được gợi ý của anh @ẩn sĩ mình đã ra bài này. Để có thể giải bài này các bạn phải biết dùng 1 công cụ là <a data-mce-href="https://code.google.com/p/volatility/downloads/list" href="https://code.google.com/p/volatility/downloads/list" style="border-bottom-left-radius: 5px !important; border-bottom-right-radius: 5px !important; border-top-left-radius: 5px !important; border-top-right-radius: 5px !important; color: rgb(32, 69, 103) !important; margin: 0px -3px !important; padding: 0px 3px !important; text-decoration: none !important;">volatility</a>. Đâu tiên mình phải xem info bằng lệnh: vol -f memorydump.raw imageinfo<br /> <img alt="" class="bbCodeImage" data-mce-src="http://i.imgur.com/RTFD5yW.png" src="http://i.imgur.com/RTFD5yW.png" style="border: 0px; max-width: 100%;" /> </div> <div style="color: #141414; font-family: Arial, Tahoma, 'Trebuchet MS', Helvetica, sans-serif; font-size: 13px; line-height: 20px; padding: 0px;"> <br /></div> <div style="color: #141414; font-family: Arial, Tahoma, 'Trebuchet MS', Helvetica, sans-serif; font-size: 13px; line-height: 20px; padding: 0px;"> Tiếp để xem có những chương trình nào mình dùng lệnh: <span data-mce-style="font-size: 10pt; line-height: 1.5;" style="font-size: 10pt; line-height: 1.5;">vol -f memorydump.raw pslist<br /><img alt="" class="bbCodeImage" data-mce-src="http://i.imgur.com/DmPTyRR.png" src="http://i.imgur.com/DmPTyRR.png" style="border: 0px; max-width: 100%;" /></span></div> <div style="color: #141414; font-family: Arial, Tahoma, 'Trebuchet MS', Helvetica, sans-serif; font-size: 13px; line-height: 20px; padding: 0px;"> <span data-mce-style="font-size: 10pt; line-height: 1.5;" style="font-size: 10pt; line-height: 1.5;"></span></div> <div style="color: #141414; font-family: Arial, Tahoma, 'Trebuchet MS', Helvetica, sans-serif; font-size: 13px; line-height: 20px; padding: 0px;"> <span data-mce-style="font-size: 10pt; line-height: 1.5;" style="font-size: 10pt; line-height: 1.5;"></span></div> <div style="color: #141414; font-family: Arial, Tahoma, 'Trebuchet MS', Helvetica, sans-serif; font-size: 13px; line-height: 20px; padding: 0px;"> <span data-mce-style="font-size: 10pt; line-height: 1.5;" style="font-size: 10pt; line-height: 1.5;"></span></div> <div style="color: #141414; font-family: Arial, Tahoma, 'Trebuchet MS', Helvetica, sans-serif; font-size: 13px; line-height: 20px; padding: 0px;"> <span data-mce-style="font-size: 10pt; line-height: 1.5;" style="font-size: 10pt; line-height: 1.5;"></span></div> <div style="color: #141414; font-family: Arial, Tahoma, 'Trebuchet MS', Helvetica, sans-serif; font-size: 13px; line-height: 20px; padding: 0px;"> <span data-mce-style="font-size: 10pt; line-height: 1.5;" style="font-size: 10pt; line-height: 1.5;"></span></div> <div style="color: #141414; font-family: Arial, Tahoma, 'Trebuchet MS', Helvetica, sans-serif; font-size: 13px; line-height: 20px; padding: 0px;"> <span data-mce-style="font-size: 10pt; line-height: 1.5;" style="font-size: 10pt; line-height: 1.5;"></span></div> <div style="color: #141414; font-family: Arial, Tahoma, 'Trebuchet MS', Helvetica, sans-serif; font-size: 13px; line-height: 20px; padding: 0px;"> <span data-mce-style="font-size: 10pt; line-height: 1.5;" style="font-size: 10pt; line-height: 1.5;">Mình sử dụng đến hint 2: theo dõi tiến trình của mã độc. Nhưng ở đây có quá nhiều chương trình mình ko thể biết được chương trình nào chưa mã độc. Mình đã mắc ở đây và không giải được bài này. Lúc về có hỏi anh ẩn sĩ mới biết là mã độc có 1 tiến trình kết nối đến 1 server, mình dùng lệnh: vol -f memorydump.raw connections<img alt="" class="bbCodeImage" data-mce-src="http://i.imgur.com/0jYpNrS.png" src="http://i.imgur.com/0jYpNrS.png" style="border: 0px; max-width: 100%;" />Bạn để ý đến Remote Address có cũng nhiều ip, và mình thử kết nối đến các ip và thấy được ip 203.128.246.78:24788 là đúng, và mình đã lấy được 1 đoạn base64 ở trên đó.</span></div> <div style="color: #141414; font-family: Arial, Tahoma, 'Trebuchet MS', Helvetica, sans-serif; font-size: 13px; line-height: 20px; padding: 0px;"> <span data-mce-style="font-size: 10pt; line-height: 1.5;" style="font-size: 10pt; line-height: 1.5;"> <img alt="" class="bbCodeImage" data-mce-src="http://i.imgur.com/f7hGR3W.png" src="http://i.imgur.com/f7hGR3W.png" style="border: 0px; max-width: 100%;" /></span></div> <div style="color: #141414; font-family: Arial, Tahoma, 'Trebuchet MS', Helvetica, sans-serif; font-size: 13px; line-height: 20px; padding: 0px;"> <span data-mce-style="font-size: 10pt; line-height: 1.5;" style="font-size: 10pt; line-height: 1.5;">Công việc bây giờ là decode base64 và submit thôi.</span></div>

For100 - KmaCTF

Đây là đề bài for100 và các bạn có thể down file tại đây: https://app.box.com/s/vinorlprn6rq3qahv9wl Bài này thật sự là rất đáng tiếc v...

Read more »

Writeup for 300 - KmaCTF

<span style="background-color: white;"><span style="font-family: Arial, Tahoma, 'Trebuchet MS', Helvetica, sans-serif; font-size: 13px; line-height: 20px;">hào các bạn cuộc thi kmactf vừa mới kết thúc vào chiều nay và mình xin chia sẻ và viết writeup bài for300, bài cũng khá nhiều đội giải được </span><img alt=":)" class="mceSmilieSprite mceSmilie1" src="http://www.kmasecurity.net/xforce/styles/default/xenforo/clear.png" style="background-image: url(http://www.kmasecurity.net/xforce/styles/default/xenforo/xenforo-smilies-sprite.png); background-position: 0px 0px; background-repeat: no-repeat no-repeat; border: 0px; font-family: Arial, Tahoma, 'Trebuchet MS', Helvetica, sans-serif; font-size: 13px; height: 18px; line-height: 20px; margin: 0px 1px; vertical-align: text-bottom; width: 18px;" title="Smile :)" /><br style="font-family: Arial, Tahoma, 'Trebuchet MS', Helvetica, sans-serif; font-size: 13px; line-height: 20px;" /><span style="font-family: Arial, Tahoma, 'Trebuchet MS', Helvetica, sans-serif; font-size: 13px; line-height: 20px;">Các bạn down bài về tại đây nhé: </span><a class="externalLink" href="https://app.box.com/s/wl9usam55lauxveqco5v" style="border-bottom-left-radius: 5px; border-bottom-right-radius: 5px; border-top-left-radius: 5px; border-top-right-radius: 5px; font-family: Arial, Tahoma, 'Trebuchet MS', Helvetica, sans-serif; font-size: 13px; line-height: 20px; margin: 0px -3px; padding: 0px 3px; text-decoration: none;" target="_blank">https://app.box.com/s/wl9usam55lauxveqco5v</a><br style="font-family: Arial, Tahoma, 'Trebuchet MS', Helvetica, sans-serif; font-size: 13px; line-height: 20px;" /><span style="font-family: Arial, Tahoma, 'Trebuchet MS', Helvetica, sans-serif; font-size: 13px; line-height: 20px;">Lúc đầu bài này chưa có đội nào làm dc nhưng sau khi có 2 hint: </span><b style="font-family: Arial, Tahoma, 'Trebuchet MS', Helvetica, sans-serif; font-size: 13px; line-height: 20px;">post method</b><span style="font-family: Arial, Tahoma, 'Trebuchet MS', Helvetica, sans-serif; font-size: 13px; line-height: 20px;"> và </span><b style="font-family: Arial, Tahoma, 'Trebuchet MS', Helvetica, sans-serif; font-size: 13px; line-height: 20px;">username + clear text password </b><span style="font-family: Arial, Tahoma, 'Trebuchet MS', Helvetica, sans-serif; font-size: 13px; line-height: 20px;">thì khá nhiều đội giải dc.</span><br style="font-family: Arial, Tahoma, 'Trebuchet MS', Helvetica, sans-serif; font-size: 13px; line-height: 20px;" /><span style="font-family: Arial, Tahoma, 'Trebuchet MS', Helvetica, sans-serif; font-size: 13px; line-height: 20px;">Đầu tiên mình down file về có pass giải nén là </span><b style="font-family: Arial, Tahoma, 'Trebuchet MS', Helvetica, sans-serif; font-size: 13px; line-height: 20px;">kmactf, </b><span style="font-family: Arial, Tahoma, 'Trebuchet MS', Helvetica, sans-serif; font-size: 13px; line-height: 20px;">mình được 1 file bin. Mình thử dùng lệnh </span><b style="font-family: Arial, Tahoma, 'Trebuchet MS', Helvetica, sans-serif; font-size: 13px; line-height: 20px;">file</b><span style="font-family: Arial, Tahoma, 'Trebuchet MS', Helvetica, sans-serif; font-size: 13px; line-height: 20px;"> trên linux để kiểm tra</span><br style="font-family: Arial, Tahoma, 'Trebuchet MS', Helvetica, sans-serif; font-size: 13px; line-height: 20px;" /><img alt="[IMG]" class="bbCodeImage LbImage" src="http://i.imgur.com/XPrfSr2.png" style="border: 0px; font-family: Arial, Tahoma, 'Trebuchet MS', Helvetica, sans-serif; font-size: 13px; line-height: 20px; max-width: 100%;" /><br style="font-family: Arial, Tahoma, 'Trebuchet MS', Helvetica, sans-serif; font-size: 13px; line-height: 20px;" /><br style="font-family: Arial, Tahoma, 'Trebuchet MS', Helvetica, sans-serif; font-size: 13px; line-height: 20px;" /><span style="font-family: Arial, Tahoma, 'Trebuchet MS', Helvetica, sans-serif; font-size: 13px; line-height: 20px;">File .bin mình vừa nhận được nó là 1 file .pcap-ng mình dùng wireshark để mở nó. Mình dựa vào hint thứ nhất post method cho nên mình sẽ tìm các gói tin http request với phương thức POST. Có rất nhiều gói tin nhưng mình thấy có 1 gói tin là login vào 1 forum và mình kiểm tra gói tin đó. Mình đã tìm được username và password</span><br style="font-family: Arial, Tahoma, 'Trebuchet MS', Helvetica, sans-serif; font-size: 13px; line-height: 20px;" /><img alt="[IMG]" class="bbCodeImage LbImage" src="http://i.imgur.com/axUOBvV.png" style="border: 0px; font-family: Arial, Tahoma, 'Trebuchet MS', Helvetica, sans-serif; font-size: 13px; line-height: 20px; max-width: 100%;" /><br style="font-family: Arial, Tahoma, 'Trebuchet MS', Helvetica, sans-serif; font-size: 13px; line-height: 20px;" /><br style="font-family: Arial, Tahoma, 'Trebuchet MS', Helvetica, sans-serif; font-size: 13px; line-height: 20px;" /><span style="font-family: Arial, Tahoma, 'Trebuchet MS', Helvetica, sans-serif; font-size: 13px; line-height: 20px;">Lúc đầu mình đã đi decode username và password được mrblack, password: kma123. Nhưng đăng nhập ko thành công. Sau đó được 1 cái gợi ý thì username và password được giữa nguyên ko phải decode. Và mình đãng nhâp thành công vào forum </span><a class="externalLink" href="http://www.binrev.com/" style="border-bottom-left-radius: 5px; border-bottom-right-radius: 5px; border-top-left-radius: 5px; border-top-right-radius: 5px; font-family: Arial, Tahoma, 'Trebuchet MS', Helvetica, sans-serif; font-size: 13px; line-height: 20px; margin: 0px -3px; padding: 0px 3px; text-decoration: none;" target="_blank">www.binrev.com</a><span style="font-family: Arial, Tahoma, 'Trebuchet MS', Helvetica, sans-serif; font-size: 13px; line-height: 20px;">, mình tìm kiếm tất cả thông tin về nick đó trên forum và mình đã thấy 1 tin nhắn</span><br style="font-family: Arial, Tahoma, 'Trebuchet MS', Helvetica, sans-serif; font-size: 13px; line-height: 20px;" /><img alt="[IMG]" class="bbCodeImage LbImage" src="http://i.imgur.com/WjISajP.png" style="border: 0px; font-family: Arial, Tahoma, 'Trebuchet MS', Helvetica, sans-serif; font-size: 13px; line-height: 20px; max-width: 100%;" /><br style="font-family: Arial, Tahoma, 'Trebuchet MS', Helvetica, sans-serif; font-size: 13px; line-height: 20px;" /><span style="font-family: Arial, Tahoma, 'Trebuchet MS', Helvetica, sans-serif; font-size: 13px; line-height: 20px;">Vậy là giờ mình chỉ cần đăng nhập vào trang quản trị của kmactf.vnsec.net, mình đã thử dùng dùng tool quét nhưng ko ra nhưng được sự gợi ý của anh @phong tử là kiểm tra file robots.txt, mình đã tìm được trang admin là </span><a class="externalLink" href="http://kmactf.vnsec.net/adm1n1sstrat0r/" style="border-bottom-left-radius: 5px; border-bottom-right-radius: 5px; border-top-left-radius: 5px; border-top-right-radius: 5px; font-family: Arial, Tahoma, 'Trebuchet MS', Helvetica, sans-serif; font-size: 13px; line-height: 20px; margin: 0px -3px; padding: 0px 3px; text-decoration: none;" target="_blank">http://kmactf.vnsec.net/adm1n1sstrat0r/</a><span style="font-family: Arial, Tahoma, 'Trebuchet MS', Helvetica, sans-serif; font-size: 13px; line-height: 20px;"> và tìm được flag trong file getflag.txt.</span><br style="font-family: Arial, Tahoma, 'Trebuchet MS', Helvetica, sans-serif; font-size: 13px; line-height: 20px;" /><br style="font-family: Arial, Tahoma, 'Trebuchet MS', Helvetica, sans-serif; font-size: 13px; line-height: 20px;" /><span style="font-family: Arial, Tahoma, 'Trebuchet MS', Helvetica, sans-serif; font-size: 13px; line-height: 20px;">Tiện đây mình xin chia sẻ luôn bài For100: </span><a class="externalLink" href="https://app.box.com/s/2ie24cx5yny3w13vnwfr" style="border-bottom-left-radius: 5px; border-bottom-right-radius: 5px; border-top-left-radius: 5px; border-top-right-radius: 5px; font-family: Arial, Tahoma, 'Trebuchet MS', Helvetica, sans-serif; font-size: 13px; line-height: 20px; margin: 0px -3px; padding: 0px 3px; text-decoration: none;" target="_blank">https://app.box.com/s/2ie24cx5yny3w13vnwfr</a><span style="font-family: Arial, Tahoma, 'Trebuchet MS', Helvetica, sans-serif; font-size: 13px; line-height: 20px;"> (pass giải nén: kmactf). Bài này khá dễ và tất cả các đội đều làm dc bài này. </span><img alt=":)" class="mceSmilieSprite mceSmilie1" src="http://www.kmasecurity.net/xforce/styles/default/xenforo/clear.png" style="background-image: url(http://www.kmasecurity.net/xforce/styles/default/xenforo/xenforo-smilies-sprite.png); background-position: 0px 0px; background-repeat: no-repeat no-repeat; border: 0px; font-family: Arial, Tahoma, 'Trebuchet MS', Helvetica, sans-serif; font-size: 13px; height: 18px; line-height: 20px; margin: 0px 1px; vertical-align: text-bottom; width: 18px;" title="Smile :)" /></span>

Writeup for 300 - KmaCTF

hào các bạn cuộc thi kmactf vừa mới kết thúc vào chiều nay và mình xin chia sẻ và viết writeup bài for300, bài cũng khá nhiều đội giải được ...

Read more »

ASIS CTF Memdump Writeup

<div style="background-color: #fefffb; border: 0px; color: #222222; font-family: 'PT Serif', Georgia, Times, 'Times New Roman', serif; font-size: 18px; line-height: 27.59375px; margin-bottom: 1.5em; padding: 0px; vertical-align: baseline;"> This is my first time to solve memory forensic challenge. I learn to use <a href="https://www.volatilesystems.com/default/volatility" style="-webkit-transition: color 0.3s; border: 0px; color: #751590; font-family: inherit; font-style: inherit; font-variant: inherit; font-weight: inherit; line-height: inherit; margin: 0px; padding: 0px; transition: color 0.3s; vertical-align: baseline; white-space: pre-wrap; word-wrap: break-word;">volatility</a> from this <a href="http://blog.lse.epita.fr/articles/59-ebctf-2013-for100.html" style="-webkit-transition: color 0.3s; border: 0px; color: #751590; font-family: inherit; font-style: inherit; font-variant: inherit; font-weight: inherit; line-height: inherit; margin: 0px; padding: 0px; transition: color 0.3s; vertical-align: baseline; white-space: pre-wrap; word-wrap: break-word;">post</a>.</div> <div style="background-color: #fefffb; border: 0px; color: #222222; font-family: 'PT Serif', Georgia, Times, 'Times New Roman', serif; font-size: 18px; line-height: 27.59375px; margin-bottom: 1.5em; padding: 0px; vertical-align: baseline;"> Indicated from the memory dump strings, we know the system is <code style="background-color: #efefef; background-position: initial initial; background-repeat: initial initial; border-bottom-left-radius: 0px; border-bottom-right-radius: 0px; border-color: rgb(203, 203, 203) rgb(165, 165, 165) rgb(86, 86, 86); border-style: solid; border-top-left-radius: 0px; border-top-right-radius: 0px; border-width: 1px; color: black; display: inline-block; font-family: Menlo, Monaco, 'Andale Mono', 'lucida console', 'Courier New', monospace; font-size: 0.75em; font-style: inherit; font-variant: inherit; font-weight: inherit; line-height: 1.5em; margin: -1px 0px; padding: 0px 0.2em; vertical-align: baseline;">Ubuntu 12.04</code> with the kernel of <code style="background-color: #efefef; background-position: initial initial; background-repeat: initial initial; border-bottom-left-radius: 0px; border-bottom-right-radius: 0px; border-color: rgb(203, 203, 203) rgb(165, 165, 165) rgb(86, 86, 86); border-style: solid; border-top-left-radius: 0px; border-top-right-radius: 0px; border-width: 1px; color: black; display: inline-block; font-family: Menlo, Monaco, 'Andale Mono', 'lucida console', 'Courier New', monospace; font-size: 0.75em; font-style: inherit; font-variant: inherit; font-weight: inherit; line-height: 1.5em; margin: -1px 0px; padding: 0px 0.2em; vertical-align: baseline;">vmlinuz-3.5.0-23-generic</code>. After building a profile (the step by step procedure is <a href="http://code.google.com/p/volatility/wiki/LinuxMemoryForensics" style="-webkit-transition: color 0.3s; border: 0px; color: #751590; font-family: inherit; font-style: inherit; font-variant: inherit; font-weight: inherit; line-height: inherit; margin: 0px; padding: 0px; transition: color 0.3s; vertical-align: baseline; white-space: pre-wrap; word-wrap: break-word;">here</a>), we can use the commands in volatility.</div> <pre style="-webkit-box-shadow: rgba(0, 0, 0, 0.0588235) 0px 0px 10px; background-color: #002b36; background-image: url(http://www.blue-lotus.net/images/noise.png?1379091085); background-position: 0% 0%; border-bottom-left-radius: 0.4em; border-bottom-right-radius: 0.4em; border-top-left-radius: 0.4em; border-top-right-radius: 0.4em; border: 1px solid rgb(5, 35, 43); box-shadow: rgba(0, 0, 0, 0.0588235) 0px 0px 10px; color: #93a1a1; font-family: Menlo, Monaco, 'Andale Mono', 'lucida console', 'Courier New', monospace; font-size: 13px; line-height: 1.45em; margin-bottom: 2.1em; overflow: auto; padding: 0.8em 1em; vertical-align: baseline;"><code style="border: 0px; font-family: Menlo, Monaco, 'Andale Mono', 'lucida console', 'Courier New', monospace; font-style: inherit; font-variant: inherit; font-weight: inherit; line-height: inherit; margin: 0px; padding: 0px; vertical-align: baseline;">$ vol.py --profile=LinuxUbuntu1204x64 -f mem.dump linux_pslist ... 0xffff88000acf4500 udevd 8112 0 0 0x000000000d06e000 2013-08-26 12:35:50 UTC+0000 0xffff88000d54ae00 asis-ctf 9425 1000 1000 0x000000000c8c9000 2013-08-26 12:48:54 UTC+0000 0xffff88000acf2e00 nano 15584 1000 1000 0x000000000d677000 2013-08-26 13:13:42 UTC+0000 ... </code></pre> <div style="background-color: #fefffb; border: 0px; color: #222222; font-family: 'PT Serif', Georgia, Times, 'Times New Roman', serif; font-size: 18px; line-height: 27.59375px; margin-bottom: 1.5em; padding: 0px; vertical-align: baseline;"> We noticed that there is a process called <code style="background-color: #efefef; background-position: initial initial; background-repeat: initial initial; border-bottom-left-radius: 0px; border-bottom-right-radius: 0px; border-color: rgb(203, 203, 203) rgb(165, 165, 165) rgb(86, 86, 86); border-style: solid; border-top-left-radius: 0px; border-top-right-radius: 0px; border-width: 1px; color: black; display: inline-block; font-family: Menlo, Monaco, 'Andale Mono', 'lucida console', 'Courier New', monospace; font-size: 0.75em; font-style: inherit; font-variant: inherit; font-weight: inherit; line-height: 1.5em; margin: -1px 0px; padding: 0px 0.2em; vertical-align: baseline;">asis-ctf</code>, which seems to provide the flag. Then we dump the executable file from memory of the process.</div> <pre style="-webkit-box-shadow: rgba(0, 0, 0, 0.0588235) 0px 0px 10px; background-color: #002b36; background-image: url(http://www.blue-lotus.net/images/noise.png?1379091085); background-position: 0% 0%; border-bottom-left-radius: 0.4em; border-bottom-right-radius: 0.4em; border-top-left-radius: 0.4em; border-top-right-radius: 0.4em; border: 1px solid rgb(5, 35, 43); box-shadow: rgba(0, 0, 0, 0.0588235) 0px 0px 10px; color: #93a1a1; font-family: Menlo, Monaco, 'Andale Mono', 'lucida console', 'Courier New', monospace; font-size: 13px; line-height: 1.45em; margin-bottom: 2.1em; overflow: auto; padding: 0.8em 1em; vertical-align: baseline;"><code style="border: 0px; font-family: Menlo, Monaco, 'Andale Mono', 'lucida console', 'Courier New', monospace; font-style: inherit; font-variant: inherit; font-weight: inherit; line-height: inherit; margin: 0px; padding: 0px; vertical-align: baseline;">$ vol.py --profile=LinuxUbuntu1204x64 -f mem.dump linux_proc_maps -p 9425 Volatile Systems Volatility Framework 2.3_beta Pid Start End Flags Pgoff Major Minor Inode File Path 9425 0x0000000000400000 0x0000000000401000 r-x 0x0 252 0 393333 /home/netadmin/asis-ctf 9425 0x0000000000600000 0x0000000000601000 r-- 0x0 252 0 393333 /home/netadmin/asis-ctf 9425 0x0000000000601000 0x0000000000602000 rw- 0x1000 252 0 393333 /home/netadmin/asis-ctf ... $ vol.py --profile=LinuxUbuntu1204x64 -f mem.dump linux_dump_map -p 9425 -D output $ hexdump -C -n 10 task.9425.0x600000.vma 00000000 7f 45 4c 46 02 01 01 00 00 00 |.ELF......| $ cat task.9425.0x600000.vma task.9425.0x601000.vma > asis-ctf $ file asis-ctf asis-ctf: ELF 64-bit LSB executable, x86-64, version 1 (SYSV), dynamically linked (uses shared libs), stripped </code></pre> <div style="background-color: #fefffb; border: 0px; color: #222222; font-family: 'PT Serif', Georgia, Times, 'Times New Roman', serif; font-size: 18px; line-height: 27.59375px; margin-bottom: 1.5em; padding: 0px; vertical-align: baseline;"> Here we get the ELF file, after doing some RE, we got the flag by runing the script below:</div> <pre style="-webkit-box-shadow: rgba(0, 0, 0, 0.0588235) 0px 0px 10px; background-color: #002b36; background-image: url(http://www.blue-lotus.net/images/noise.png?1379091085); background-position: 0% 0%; border-bottom-left-radius: 0.4em; border-bottom-right-radius: 0.4em; border-top-left-radius: 0.4em; border-top-right-radius: 0.4em; border: 1px solid rgb(5, 35, 43); box-shadow: rgba(0, 0, 0, 0.0588235) 0px 0px 10px; color: #93a1a1; font-family: Menlo, Monaco, 'Andale Mono', 'lucida console', 'Courier New', monospace; font-size: 13px; line-height: 1.45em; margin-bottom: 2.1em; overflow: auto; padding: 0.8em 1em; vertical-align: baseline;"><code style="border: 0px; font-family: Menlo, Monaco, 'Andale Mono', 'lucida console', 'Courier New', monospace; font-style: inherit; font-variant: inherit; font-weight: inherit; line-height: inherit; margin: 0px; padding: 0px; vertical-align: baseline;">table_s = """42 49 55 52 4c 41 57 4e 64 5f 69 37 69 31 3e 63 6b 65 6c 33 3b 34 3d 65 3f 65 6f 63 47 31 75 36 72 66 42 62 4a 65 75 39 49 66 48 34 4d 32 4a 34 4e 37 4e 32 4d 35 55 65 50 37 82 32 84 61 52 35 83 39 85 61 53 34 89 39 8b 64 26""" table = [] for c in table_s.replace("\n", " ").split(" "): n = int("0x" + c, 16) table.append(n) flag = "" for i in range(0x25): a = 2 * i c = table[a] - i - 1 flag += chr(c) print flag $ python asis-ctf.py ASIS_cb6bb012a8ea07a426254293de2bc0ef </code></pre> <div style="background-color: #fefffb; border: 0px; color: #222222; font-family: 'PT Serif', Georgia, Times, 'Times New Roman', serif; font-size: 18px; line-height: 27.59375px; margin-bottom: 1.5em; padding: 0px; vertical-align: baseline;"> The ELF file asis-ctf I got from the mem.dump is still not able to run, that’s why RE is still needed. Does anyone have an idea to extract an runnable asis-ctf from the memory? Please tell me;-)</div>

ASIS CTF Memdump Writeup

This is my first time to solve memory forensic challenge. I learn to use  volatility  from this  post . Indicated from the memory dump st...

Read more »

Defcon 18 CTF quals writeup - Forensics 100

<h2 style="background-color: white; border: 0px solid rgb(0, 0, 0); color: #222222; font-family: 'Trebuchet MS', arial, 'bitstream vera sans', sans-serif; margin: 0px; padding: 0px;"> Walkthrough</h2> <div style="background-color: white; border: 0px solid rgb(0, 0, 0); color: #222222; font-family: 'Trebuchet MS', arial, 'bitstream vera sans', sans-serif; font-size: 16px; padding: 10px;"> Solution was inspired during the contest by the 2009 f100 writeup at <a href="http://shallweplayaga.me/" style="border: 0px solid rgb(0, 0, 0); margin: 0px; padding: 0px;">http://shallweplayaga.me/</a>. It involved a lot more groveling through the raw hex dump, but here's a decent enough way to find it without defaulting to hd *.bin | less:</div> <pre style="background-color: white; border: 0px solid rgb(0, 0, 0); color: #222222; padding: 0px;"> $ file f100_6db079ca91c4860f.bin f100_6db079ca91c4860f.bin: x86 boot sector; partition 1: ID=0x7, starthead 0, startsector 31, 31558 sectors, extended partition table $ sudo apt-get install sleuthkit $ fls f100_6db079ca91c4860f.bin Cannot determine file system type $ hd f100_6db079ca91c4860f.bin | head 00000000 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| * 000001c0 01 01 07 00 df fa 1f 00 00 00 46 7b 00 00 00 00 |..........F{....| 000001d0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| * 000001f0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 55 aa |..............U.| 00000200 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| * 00003e00 eb 52 90 4e 54 46 53 20 20 20 20 00 02 08 00 00 |.R.NTFS .....| 00003e10 00 00 00 00 00 f8 00 00 3f 00 ff 00 1f 00 00 00 |........?.......| $ python >>> 0x3e00 / 512 31 >>> $ dd if=f100_6db079ca91c4860f.bin of=f100.dd bs=512 skip=31 $ fls f100.dd r/r 4-128-4: $AttrDef r/r 8-128-2: $BadClus r/r 8-128-1: $BadClus:$Bad r/r 6-128-4: $Bitmap r/r 7-128-1: $Boot d/d 11-144-4: $Extend r/r 2-128-1: $LogFile r/r 0-128-1: $MFT r/r 1-128-1: $MFTMirr r/r 9-128-8: $Secure:$SDS r/r 9-144-11: $Secure:$SDH r/r 9-144-5: $Secure:$SII r/r 10-128-1: $UpCase r/r 3-128-3: $Volume r/r 42-128-4: 2009040811380736734_115018_0.jpg r/r 42-128-5: 2009040811380736734_115018_0.jpg:Zone.Identifier r/r 35-128-4: carpenter.png r/r 35-128-5: carpenter.png:Zone.Identifier r/r 36-128-3: caught.jpg r/r 36-128-4: caught.jpg:Zone.Identifier r/r 37-128-3: evidence.jpg r/r 37-128-4: evidence.jpg:Zone.Identifier r/r 41-128-3: furries.jpg r/r 41-128-4: furries.jpg:Zone.Identifier r/r 39-128-3: images.jpg r/r 39-128-4: images.jpg:Zone.Identifier r/r 40-128-4: whiteflag.jpg r/r 40-128-5: whiteflag.jpg:Zone.Identifier -/r * 38-128-1: key -/r * 38-128-3: key:Zone.Identifier d/d 256: $OrphanFiles $ strings f100.dd | grep key keyfile.dat $ hd f100.dd | grep -C 10 key 00f69060 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00f69070 00 00 00 00 00 e0 00 00 77 68 65 72 65 30 77 68 |........where0wh| 00f69080 65 72 65 31 35 74 68 65 6b 33 79 3f 00 00 00 00 |ere15thek3y?....| 00f69090 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00f690a0 00 69 00 74 00 69 00 73 00 6e 00 6f 00 74 00 68 |.i.t.i.s.n.o.t.h| 00f690b0 00 65 00 72 00 65 00 00 00 00 00 00 00 00 00 00 |.e.r.e..........| 00f690c0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00f690d0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 aa 50 |...............P| 00f690e0 4b 00 31 38 00 0d 00 00 00 04 00 20 00 03 10 00 |K.18....... ....| 00f690f0 22 01 01 00 42 00 00 00 00 00 00 00 00 00 00 00 |"...B...........| 00f69100 00 00 00 00 00 e0 00 ee 00 6b 65 79 66 69 6c 65 |.........keyfile| 00f69110 2e 64 61 74 00 00 00 00 00 00 00 00 00 00 00 00 |.dat............| 00f69120 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| * 00f6c200 </pre> <div style="background-color: white; border: 0px solid rgb(0, 0, 0); color: #222222; font-family: 'Trebuchet MS', arial, 'bitstream vera sans', sans-serif; font-size: 16px; padding: 10px;"> Well, that's not very encouraging. Wait a second, Microsoft likes Unicode...</div> <pre style="background-color: white; border: 0px solid rgb(0, 0, 0); color: #222222; padding: 0px;">$ strings -e -l f100.dd | grep key $ strings -e l -3 f100.dd | grep key key key key key $ strings -e -l -3 f100.dd | grep -C 2 key $I30 $SDH key key ('P' (8`8@ -- $SDH (X@ key ((P( (8`8@ -- evidence.jpg Zone.Identifier key notdeleted,never Zone.Identifier $ hd f100.dd | grep -C 2 n.o.t.d 0052b8f0 03 03 6b 00 65 00 79 00 80 00 00 00 48 00 00 00 |..k.e.y.....H...| 0052b900 00 00 18 00 00 00 01 00 00 00 00 00 18 00 00 00 |................| 0052b910 6e 00 6f 00 74 00 64 00 65 00 6c 00 65 00 74 00 |n.o.t.d.e.l.e.t.| 0052b920 65 00 64 00 2c 00 6e 00 65 00 76 00 65 00 72 00 |e.d.,.n.e.v.e.r.| 0052b930 65 78 69 73 74 65 64 0d 0a 00 00 00 00 00 00 00 |existed.........| </pre> <div style="background-color: white; border: 0px solid rgb(0, 0, 0); color: #222222; font-family: 'Trebuchet MS', arial, 'bitstream vera sans', sans-serif; font-size: 16px; padding: 10px;"> So the key is "notdeleted,neverexisted".</div>

Defcon 18 CTF quals writeup - Forensics 100

Walkthrough Solution was inspired during the contest by the 2009 f100 writeup at  http://shallweplayaga.me/ . It involved a lot more grov...

Read more »

NuitDuHack 2012 Prequals – sciteekadm.cap

<div style="background-color: white; border: 0px none; color: #2c2b2b; font-family: arial; font-size: 12px; line-height: 20px; margin-top: 10px; overflow: auto; padding: 0px;"> <strong>Summary:</strong> WPA traffic decrypting</div> <div style="background-color: white; border: 0px none; color: #2c2b2b; font-family: arial; font-size: 12px; line-height: 20px; margin-top: 10px; overflow: auto; padding: 0px;"> <span id="more-2451"></span></div> <div style="background-color: white; border: 0px none; color: #2c2b2b; font-family: arial; font-size: 12px; line-height: 20px; margin-top: 10px; overflow: auto; padding: 0px;"> Here we have a pcap file with 802.11 (wireless) traffic dump. Seems it’s encrypted, let’s try aircrack:</div> <div class="wp_syntax" style="background-color: #f9f9f9; border: 1px solid silver; color: #110000; font-family: arial; font-size: 12px; margin: 0px 0px 1.5em; overflow-x: auto; overflow-y: hidden; width: 495px;"> <table style="border-collapse: collapse !important; border: none !important; margin: 0px !important; padding: 0px !important; width: 494px;"><tbody> <tr style="background-color: #f3f3f3; border: 1px solid rgb(204, 204, 204); padding: 2px 5px;"><td class="code" style="background-color: #eeeeee; background-image: linear-gradient(transparent 50%, rgba(255, 255, 255, 0.901961) 50%); background-size: 1px 32px; border: none !important; padding: 0px !important; vertical-align: top !important; width: 493px;"><pre class="bash" style="-webkit-box-shadow: rgba(0, 0, 0, 0) 0px 0px 0px !important; background-color: transparent !important; border-bottom-left-radius: 0px !important; border-bottom-right-radius: 0px !important; border-top-left-radius: 0px !important; border-top-right-radius: 0px !important; border: none !important; box-shadow: rgba(0, 0, 0, 0) 0px 0px 0px !important; clear: none !important; float: none !important; font-size: 12px !important; line-height: 16px !important; overflow: visible !important; padding: 0px 4px !important; width: auto !important;">$ aircrack-ng sciteekadm.cap <span style="color: #660033;">-w</span> 500-worst-passwords.txt Opening sciteekadm.cap Read 345 packets.   <span style="color: #666666; font-style: italic;"># BSSID ESSID Encryption</span>   1 40:FC:89:E0:FF:D3 Sciteek-adm WPA <span style="color: #7a0874; font-weight: bold;">(</span>1 handshake<span style="color: #7a0874; font-weight: bold;">)</span>   Choosing first network <span style="color: #c20cb9; font-weight: bold;">as</span> target.   Opening sciteekadm.cap Reading packets, please wait...   Aircrack-ng 1.1     <span style="color: #7a0874; font-weight: bold;">[</span>00:00:00<span style="color: #7a0874; font-weight: bold;">]</span> 4 keys tested <span style="color: #7a0874; font-weight: bold;">(</span>300.98 k<span style="font-weight: bold;">/</span>s<span style="color: #7a0874; font-weight: bold;">)</span>     KEY FOUND<span style="font-weight: bold;">!</span> <span style="color: #7a0874; font-weight: bold;">[</span> 12345678 <span style="color: #7a0874; font-weight: bold;">]</span></pre> </td></tr> </tbody></table> </div> <div style="background-color: white; border: 0px none; color: #2c2b2b; font-family: arial; font-size: 12px; line-height: 20px; margin-top: 10px; overflow: auto; padding: 0px;"> Password found! But sadly, wireshark can’t decrypt it, because EAPOL packets are corrupted/missing.<br />But there is a nice tool called <strong>airdecap-ng</strong> (thx to <a href="https://twitter.com/#!/kyprizel" style="color: #1772af; text-decoration: none;">@kyprizel</a>):</div> <div class="wp_syntax" style="background-color: #f9f9f9; border: 1px solid silver; color: #110000; font-family: arial; font-size: 12px; margin: 0px 0px 1.5em; overflow-x: auto; overflow-y: hidden; width: 495px;"> <table style="border-collapse: collapse !important; border: none !important; margin: 0px !important; padding: 0px !important; width: 494px;"><tbody> <tr style="background-color: #f3f3f3; border: 1px solid rgb(204, 204, 204); padding: 2px 5px;"><td class="code" style="background-color: #eeeeee; background-image: linear-gradient(transparent 50%, rgba(255, 255, 255, 0.901961) 50%); background-size: 1px 32px; border: none !important; padding: 0px !important; vertical-align: top !important; width: 493px;"><pre class="bash" style="-webkit-box-shadow: rgba(0, 0, 0, 0) 0px 0px 0px !important; background-color: transparent !important; border-bottom-left-radius: 0px !important; border-bottom-right-radius: 0px !important; border-top-left-radius: 0px !important; border-top-right-radius: 0px !important; border: none !important; box-shadow: rgba(0, 0, 0, 0) 0px 0px 0px !important; clear: none !important; float: none !important; font-size: 12px !important; line-height: 16px !important; overflow: visible !important; padding: 0px 4px !important; width: auto !important;">$ airdecap-ng <span style="color: #660033;">-p</span> 12345678 sciteekadm.cap <span style="color: #660033;">-e</span> Sciteek-adm Total number of packets <span style="color: #c20cb9; font-weight: bold;">read</span> 345 Total number of WEP data packets 0 Total number of WPA data packets 55 Number of plaintext data packets 0 Number of decrypted WEP packets 0 Number of corrupted WEP packets 0 Number of decrypted WPA packets 41 $ wireshark sciteekadm-dec.cap</pre> </td></tr> </tbody></table> </div> <div style="background-color: white; border: 0px none; color: #2c2b2b; font-family: arial; font-size: 12px; line-height: 20px; margin-top: 10px; overflow: auto; padding: 0px;"> Now we can simply extract a file from tcp session:<br /><a href="http://leetmore.ctf.su/wp-content/uploads/2012/03/out1.png" style="color: #1772af; text-decoration: none;"><img alt="" class="alignnone size-full wp-image-2452" height="8" src="http://leetmore.ctf.su/wp-content/uploads/2012/03/out1.png" style="border: 4px solid rgb(227, 227, 227); margin: 5px; padding: 0px;" title="out1" width="160" /></a></div> <div style="background-color: white; border: 0px none; color: #2c2b2b; font-family: arial; font-size: 12px; line-height: 20px; margin-top: 10px; overflow: auto; padding: 0px;"> The flag: <strong>7e4ef92d1472fa1a2d41b2d3c1d2b77a</strong></div>

NuitDuHack 2012 Prequals – sciteekadm.cap

Summary:  WPA traffic decrypting Here we have a pcap file with 802.11 (wireless) traffic dump. Seems it’s encrypted, let’s try aircrack...

Read more »

DEFCON 20 CTF PREQUALS 2012 – FORENSICS 300 WRITEUP

<div style="background-color: white; border: 0px; color: #666666; font-family: Bitter, sans-serif; font-size: 14px; line-height: 28px; margin-bottom: 1.5em; outline: 0px; padding: 0px; vertical-align: baseline;"> Let’s start with the <strong style="border: 0px; font-family: inherit; font-style: inherit; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">Forensics 300 </strong>writeup.</div> <div style="background-color: white; border: 0px; color: #666666; font-family: Bitter, sans-serif; font-size: 14px; line-height: 28px; margin-bottom: 1.5em; outline: 0px; padding: 0px; vertical-align: baseline;"> The description of the challenge was just “<em style="border: 0px; font-family: inherit; font-weight: inherit; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">Please get my key back!</em>“, and we were provided with a file named <em style="border: 0px; font-family: inherit; font-weight: inherit; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">for300-47106ef450c4d70ae95212b93f11d05d</em>.</div> <div style="background-color: white; border: 0px; color: #666666; font-family: Bitter, sans-serif; font-size: 14px; line-height: 28px; margin-bottom: 1.5em; outline: 0px; padding: 0px; vertical-align: baseline;"> Let’s start examining the file:</div> <div style="background-color: white; border: 0px; color: #666666; font-family: Bitter, sans-serif; font-size: 14px; line-height: 28px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;"> <div class="syntaxhighlighter plain" id="highlighter_381396" style="border: 0px; font-family: inherit; font-size: 1em !important; font-style: inherit; font-weight: inherit; margin: 1em 0px !important; outline: 0px; overflow-x: auto !important; overflow-y: hidden !important; padding: 0px; position: relative !important; vertical-align: baseline; width: 800px;"> <table border="0" cellpadding="0" cellspacing="0" style="-webkit-box-shadow: none !important; background-image: none !important; border-bottom-left-radius: 0px !important; border-bottom-right-radius: 0px !important; border-spacing: 0px; border-top-left-radius: 0px !important; border-top-right-radius: 0px !important; border: 0px !important; bottom: auto !important; box-shadow: none !important; box-sizing: content-box !important; color: #777777; direction: ltr !important; float: none !important; font-family: Consolas, 'Bitstream Vera Sans Mono', 'Courier New', Courier, monospace !important; font-size: 1em !important; height: auto !important; left: auto !important; line-height: 1.1em !important; margin: 0px !important; outline: 0px !important; overflow: visible !important; padding: 0px !important; position: static !important; right: auto !important; top: auto !important; vertical-align: baseline !important; width: 800px;"><tbody style="-webkit-box-shadow: none !important; background-image: none !important; border-bottom-left-radius: 0px !important; border-bottom-right-radius: 0px !important; border-top-left-radius: 0px !important; border-top-right-radius: 0px !important; border: 0px !important; bottom: auto !important; box-shadow: none !important; box-sizing: content-box !important; direction: ltr !important; float: none !important; font-size: 1em !important; height: auto !important; left: auto !important; line-height: 1.1em !important; margin: 0px !important; outline: 0px !important; overflow: visible !important; padding: 0px !important; position: static !important; right: auto !important; top: auto !important; vertical-align: baseline !important; width: auto !important;"> <tr style="-webkit-box-shadow: none !important; background-image: none !important; border-bottom-left-radius: 0px !important; border-bottom-right-radius: 0px !important; border-top-left-radius: 0px !important; border-top-right-radius: 0px !important; border: 0px !important; bottom: auto !important; box-shadow: none !important; box-sizing: content-box !important; direction: ltr !important; float: none !important; font-size: 1em !important; height: auto !important; left: auto !important; line-height: 1.1em !important; margin: 0px !important; outline: 0px !important; overflow: visible !important; padding: 0px !important; position: static !important; right: auto !important; top: auto !important; vertical-align: baseline !important; width: auto !important;"><td class="gutter" style="-webkit-box-shadow: none !important; background-image: none !important; border-bottom-left-radius: 0px !important; border-bottom-right-radius: 0px !important; border-top-left-radius: 0px !important; border-top-right-radius: 0px !important; border: 0px !important; bottom: auto !important; box-shadow: none !important; box-sizing: content-box !important; color: rgb(175, 175, 175) !important; direction: ltr !important; float: none !important; font-size: 1em !important; height: auto !important; left: auto !important; line-height: 1.1em !important; margin: 0px !important; outline: 0px !important; overflow: visible !important; padding: 0px !important; position: static !important; right: auto !important; top: auto !important; vertical-align: baseline !important; width: auto !important;"><div class="line number1 index0 alt2" style="-webkit-box-shadow: none !important; background-image: none !important; border-bottom-left-radius: 0px !important; border-bottom-right-radius: 0px !important; border-right-color: rgb(108, 226, 108) !important; border-right-style: solid !important; border-top-left-radius: 0px !important; border-top-right-radius: 0px !important; border-width: 0px 3px 0px 0px !important; bottom: auto !important; box-shadow: none !important; box-sizing: content-box !important; direction: ltr !important; float: none !important; font-size: 1em !important; height: auto !important; left: auto !important; line-height: 1.1em !important; margin: 0px !important; outline: 0px !important; overflow: visible !important; padding: 0px 0.5em 0px 1em !important; position: static !important; right: auto !important; text-align: right !important; top: auto !important; vertical-align: baseline !important; white-space: pre !important; width: auto !important;"> 1</div> <div class="line number2 index1 alt1" style="-webkit-box-shadow: none !important; background-image: none !important; border-bottom-left-radius: 0px !important; border-bottom-right-radius: 0px !important; border-right-color: rgb(108, 226, 108) !important; border-right-style: solid !important; border-top-left-radius: 0px !important; border-top-right-radius: 0px !important; border-width: 0px 3px 0px 0px !important; bottom: auto !important; box-shadow: none !important; box-sizing: content-box !important; direction: ltr !important; float: none !important; font-size: 1em !important; height: auto !important; left: auto !important; line-height: 1.1em !important; margin: 0px !important; outline: 0px !important; overflow: visible !important; padding: 0px 0.5em 0px 1em !important; position: static !important; right: auto !important; text-align: right !important; top: auto !important; vertical-align: baseline !important; white-space: pre !important; width: auto !important;"> 2</div> </td><td class="code" style="-webkit-box-shadow: none !important; background-image: none !important; border-bottom-left-radius: 0px !important; border-bottom-right-radius: 0px !important; border-top-left-radius: 0px !important; border-top-right-radius: 0px !important; border: 0px !important; bottom: auto !important; box-shadow: none !important; box-sizing: content-box !important; direction: ltr !important; float: none !important; font-size: 1em !important; height: auto !important; left: auto !important; line-height: 1.1em !important; margin: 0px !important; outline: 0px !important; overflow: visible !important; padding: 0px !important; position: static !important; right: auto !important; top: auto !important; vertical-align: baseline !important; width: 768px;"><div class="container" style="-webkit-box-shadow: none !important; background-image: none !important; border-bottom-left-radius: 0px !important; border-bottom-right-radius: 0px !important; border-top-left-radius: 0px !important; border-top-right-radius: 0px !important; border: 0px !important; bottom: auto !important; box-shadow: none !important; box-sizing: content-box !important; direction: ltr !important; float: none !important; font-size: 1em !important; height: auto !important; left: auto !important; line-height: 1.1em !important; margin: 0px !important; outline: 0px !important; overflow: visible !important; padding: 0px !important; position: relative !important; right: auto !important; top: auto !important; vertical-align: baseline !important; width: auto !important;"> <div class="line number1 index0 alt2" style="-webkit-box-shadow: none !important; background-image: none !important; border-bottom-left-radius: 0px !important; border-bottom-right-radius: 0px !important; border-top-left-radius: 0px !important; border-top-right-radius: 0px !important; border: 0px !important; bottom: auto !important; box-shadow: none !important; box-sizing: content-box !important; direction: ltr !important; float: none !important; font-size: 1em !important; height: auto !important; left: auto !important; line-height: 1.1em !important; margin: 0px !important; outline: 0px !important; overflow: visible !important; padding: 0px 1em !important; position: static !important; right: auto !important; top: auto !important; vertical-align: baseline !important; white-space: pre !important; width: auto !important;"> <code class="plain plain" style="-webkit-box-shadow: none !important; background-image: none !important; border-bottom-left-radius: 0px !important; border-bottom-right-radius: 0px !important; border-top-left-radius: 0px !important; border-top-right-radius: 0px !important; border: 0px !important; bottom: auto !important; box-shadow: none !important; box-sizing: content-box !important; color: black !important; direction: ltr !important; display: inline !important; float: none !important; font-family: Consolas, 'Bitstream Vera Sans Mono', 'Courier New', Courier, monospace !important; font-size: 1em !important; height: auto !important; left: auto !important; line-height: 1.1em !important; margin: 0px !important; outline: 0px !important; overflow: visible !important; padding: 0px !important; position: static !important; right: auto !important; top: auto !important; vertical-align: baseline !important; width: auto !important;">francisco@sherminator:~/Downloads$ file for300-47106ef450c4d70ae95212b93f11d05d</code></div> <div class="line number2 index1 alt1" style="-webkit-box-shadow: none !important; background-image: none !important; border-bottom-left-radius: 0px !important; border-bottom-right-radius: 0px !important; border-top-left-radius: 0px !important; border-top-right-radius: 0px !important; border: 0px !important; bottom: auto !important; box-shadow: none !important; box-sizing: content-box !important; direction: ltr !important; float: none !important; font-size: 1em !important; height: auto !important; left: auto !important; line-height: 1.1em !important; margin: 0px !important; outline: 0px !important; overflow: visible !important; padding: 0px 1em !important; position: static !important; right: auto !important; top: auto !important; vertical-align: baseline !important; white-space: pre !important; width: auto !important;"> <code class="plain plain" style="-webkit-box-shadow: none !important; background-image: none !important; border-bottom-left-radius: 0px !important; border-bottom-right-radius: 0px !important; border-top-left-radius: 0px !important; border-top-right-radius: 0px !important; border: 0px !important; bottom: auto !important; box-shadow: none !important; box-sizing: content-box !important; color: black !important; direction: ltr !important; display: inline !important; float: none !important; font-family: Consolas, 'Bitstream Vera Sans Mono', 'Courier New', Courier, monospace !important; font-size: 1em !important; height: auto !important; left: auto !important; line-height: 1.1em !important; margin: 0px !important; outline: 0px !important; overflow: visible !important; padding: 0px !important; position: static !important; right: auto !important; top: auto !important; vertical-align: baseline !important; width: auto !important;">for300-47106ef450c4d70ae95212b93f11d05d: data</code></div> </div> </td></tr> </tbody></table> </div> </div> <div style="background-color: white; border: 0px; color: #666666; font-family: Bitter, sans-serif; font-size: 14px; line-height: 28px; margin-bottom: 1.5em; outline: 0px; padding: 0px; vertical-align: baseline;"> <span id="more-444" style="border: 0px; font-family: inherit; font-style: inherit; font-weight: inherit; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;"></span></div> <pre style="background-color: #eeeeee; border: 0px; color: #666666; font-family: 'Courier 10 Pitch', Courier, monospace; font-size: 14px; line-height: 1.6; margin-bottom: 1.5em; max-width: 100%; outline: 0px; overflow: auto; padding: 20px; vertical-align: baseline;"></pre> <div style="background-color: white; border: 0px; color: #666666; font-family: Bitter, sans-serif; font-size: 14px; line-height: 28px; margin-bottom: 1.5em; outline: 0px; padding: 0px; vertical-align: baseline;"> Looks like the <em style="border: 0px; font-family: inherit; font-weight: inherit; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">file</em> utility wasn’t able to recognize the type of the file. So let’s inspect it with an hex editor:</div> <div style="background-color: white; border: 0px; color: #666666; font-family: Bitter, sans-serif; font-size: 14px; line-height: 28px; margin-bottom: 1.5em; outline: 0px; padding: 0px; vertical-align: baseline;"> <a href="https://sysexit.files.wordpress.com/2012/06/f300hexeditor.png" style="border: 0px; color: #759b22; font-family: inherit; font-style: inherit; font-weight: inherit; margin: 0px; outline: 0px; padding: 0px; text-decoration: none; vertical-align: baseline;"><img alt="" class="aligncenter size-full wp-image-447" src="https://sysexit.files.wordpress.com/2012/06/f300hexeditor.png?w=800" style="border: 0px; clear: both; display: block; height: auto; margin: 1.5em auto; max-width: 100%;" title="f300hexeditor" /></a></div> <div style="background-color: white; border: 0px; color: #666666; font-family: Bitter, sans-serif; font-size: 14px; line-height: 28px; margin-bottom: 1.5em; outline: 0px; padding: 0px; vertical-align: baseline;"> So it’s a firmware. That means that it’s time for <a href="http://code.google.com/p/binwalk/" style="border: 0px; color: #759b22; font-family: inherit; font-style: inherit; font-weight: inherit; margin: 0px; outline: 0px; padding: 0px; text-decoration: none; vertical-align: baseline;">binwalk</a>, a tool designed to search into binary images for compressed data, filesystems and more.</div> <div style="background-color: white; border: 0px; color: #666666; font-family: Bitter, sans-serif; font-size: 14px; line-height: 28px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;"> <div class="syntaxhighlighter plain" id="highlighter_54884" style="border: 0px; font-family: inherit; font-size: 1em !important; font-style: inherit; font-weight: inherit; margin: 1em 0px !important; outline: 0px; overflow-x: auto !important; overflow-y: hidden !important; padding: 0px; position: relative !important; vertical-align: baseline; width: 800px;"> <table border="0" cellpadding="0" cellspacing="0" style="-webkit-box-shadow: none !important; background-image: none !important; border-bottom-left-radius: 0px !important; border-bottom-right-radius: 0px !important; border-spacing: 0px; border-top-left-radius: 0px !important; border-top-right-radius: 0px !important; border: 0px !important; bottom: auto !important; box-shadow: none !important; box-sizing: content-box !important; color: #777777; direction: ltr !important; float: none !important; font-family: Consolas, 'Bitstream Vera Sans Mono', 'Courier New', Courier, monospace !important; font-size: 1em !important; height: auto !important; left: auto !important; line-height: 1.1em !important; margin: 0px !important; outline: 0px !important; overflow: visible !important; padding: 0px !important; position: static !important; right: auto !important; top: auto !important; vertical-align: baseline !important; width: 1388px;"><tbody style="-webkit-box-shadow: none !important; background-image: none !important; border-bottom-left-radius: 0px !important; border-bottom-right-radius: 0px !important; border-top-left-radius: 0px !important; border-top-right-radius: 0px !important; border: 0px !important; bottom: auto !important; box-shadow: none !important; box-sizing: content-box !important; direction: ltr !important; float: none !important; font-size: 1em !important; height: auto !important; left: auto !important; line-height: 1.1em !important; margin: 0px !important; outline: 0px !important; overflow: visible !important; padding: 0px !important; position: static !important; right: auto !important; top: auto !important; vertical-align: baseline !important; width: auto !important;"> <tr style="-webkit-box-shadow: none !important; background-image: none !important; border-bottom-left-radius: 0px !important; border-bottom-right-radius: 0px !important; border-top-left-radius: 0px !important; border-top-right-radius: 0px !important; border: 0px !important; bottom: auto !important; box-shadow: none !important; box-sizing: content-box !important; direction: ltr !important; float: none !important; font-size: 1em !important; height: auto !important; left: auto !important; line-height: 1.1em !important; margin: 0px !important; outline: 0px !important; overflow: visible !important; padding: 0px !important; position: static !important; right: auto !important; top: auto !important; vertical-align: baseline !important; width: auto !important;"><td class="gutter" style="-webkit-box-shadow: none !important; background-image: none !important; border-bottom-left-radius: 0px !important; border-bottom-right-radius: 0px !important; border-top-left-radius: 0px !important; border-top-right-radius: 0px !important; border: 0px !important; bottom: auto !important; box-shadow: none !important; box-sizing: content-box !important; color: rgb(175, 175, 175) !important; direction: ltr !important; float: none !important; font-size: 1em !important; height: auto !important; left: auto !important; line-height: 1.1em !important; margin: 0px !important; outline: 0px !important; overflow: visible !important; padding: 0px !important; position: static !important; right: auto !important; top: auto !important; vertical-align: baseline !important; width: auto !important;"><div class="line number1 index0 alt2" style="-webkit-box-shadow: none !important; background-image: none !important; border-bottom-left-radius: 0px !important; border-bottom-right-radius: 0px !important; border-right-color: rgb(108, 226, 108) !important; border-right-style: solid !important; border-top-left-radius: 0px !important; border-top-right-radius: 0px !important; border-width: 0px 3px 0px 0px !important; bottom: auto !important; box-shadow: none !important; box-sizing: content-box !important; direction: ltr !important; float: none !important; font-size: 1em !important; height: auto !important; left: auto !important; line-height: 1.1em !important; margin: 0px !important; outline: 0px !important; overflow: visible !important; padding: 0px 0.5em 0px 1em !important; position: static !important; right: auto !important; text-align: right !important; top: auto !important; vertical-align: baseline !important; white-space: pre !important; width: auto !important;"> 1</div> <div class="line number2 index1 alt1" style="-webkit-box-shadow: none !important; background-image: none !important; border-bottom-left-radius: 0px !important; border-bottom-right-radius: 0px !important; border-right-color: rgb(108, 226, 108) !important; border-right-style: solid !important; border-top-left-radius: 0px !important; border-top-right-radius: 0px !important; border-width: 0px 3px 0px 0px !important; bottom: auto !important; box-shadow: none !important; box-sizing: content-box !important; direction: ltr !important; float: none !important; font-size: 1em !important; height: auto !important; left: auto !important; line-height: 1.1em !important; margin: 0px !important; outline: 0px !important; overflow: visible !important; padding: 0px 0.5em 0px 1em !important; position: static !important; right: auto !important; text-align: right !important; top: auto !important; vertical-align: baseline !important; white-space: pre !important; width: auto !important;"> 2</div> <div class="line number3 index2 alt2" style="-webkit-box-shadow: none !important; background-image: none !important; border-bottom-left-radius: 0px !important; border-bottom-right-radius: 0px !important; border-right-color: rgb(108, 226, 108) !important; border-right-style: solid !important; border-top-left-radius: 0px !important; border-top-right-radius: 0px !important; border-width: 0px 3px 0px 0px !important; bottom: auto !important; box-shadow: none !important; box-sizing: content-box !important; direction: ltr !important; float: none !important; font-size: 1em !important; height: auto !important; left: auto !important; line-height: 1.1em !important; margin: 0px !important; outline: 0px !important; overflow: visible !important; padding: 0px 0.5em 0px 1em !important; position: static !important; right: auto !important; text-align: right !important; top: auto !important; vertical-align: baseline !important; white-space: pre !important; width: auto !important;"> 3</div> <div class="line number4 index3 alt1" style="-webkit-box-shadow: none !important; background-image: none !important; border-bottom-left-radius: 0px !important; border-bottom-right-radius: 0px !important; border-right-color: rgb(108, 226, 108) !important; border-right-style: solid !important; border-top-left-radius: 0px !important; border-top-right-radius: 0px !important; border-width: 0px 3px 0px 0px !important; bottom: auto !important; box-shadow: none !important; box-sizing: content-box !important; direction: ltr !important; float: none !important; font-size: 1em !important; height: auto !important; left: auto !important; line-height: 1.1em !important; margin: 0px !important; outline: 0px !important; overflow: visible !important; padding: 0px 0.5em 0px 1em !important; position: static !important; right: auto !important; text-align: right !important; top: auto !important; vertical-align: baseline !important; white-space: pre !important; width: auto !important;"> 4</div> <div class="line number5 index4 alt2" style="-webkit-box-shadow: none !important; background-image: none !important; border-bottom-left-radius: 0px !important; border-bottom-right-radius: 0px !important; border-right-color: rgb(108, 226, 108) !important; border-right-style: solid !important; border-top-left-radius: 0px !important; border-top-right-radius: 0px !important; border-width: 0px 3px 0px 0px !important; bottom: auto !important; box-shadow: none !important; box-sizing: content-box !important; direction: ltr !important; float: none !important; font-size: 1em !important; height: auto !important; left: auto !important; line-height: 1.1em !important; margin: 0px !important; outline: 0px !important; overflow: visible !important; padding: 0px 0.5em 0px 1em !important; position: static !important; right: auto !important; text-align: right !important; top: auto !important; vertical-align: baseline !important; white-space: pre !important; width: auto !important;"> 5</div> <div class="line number6 index5 alt1" style="-webkit-box-shadow: none !important; background-image: none !important; border-bottom-left-radius: 0px !important; border-bottom-right-radius: 0px !important; border-right-color: rgb(108, 226, 108) !important; border-right-style: solid !important; border-top-left-radius: 0px !important; border-top-right-radius: 0px !important; border-width: 0px 3px 0px 0px !important; bottom: auto !important; box-shadow: none !important; box-sizing: content-box !important; direction: ltr !important; float: none !important; font-size: 1em !important; height: auto !important; left: auto !important; line-height: 1.1em !important; margin: 0px !important; outline: 0px !important; overflow: visible !important; padding: 0px 0.5em 0px 1em !important; position: static !important; right: auto !important; text-align: right !important; top: auto !important; vertical-align: baseline !important; white-space: pre !important; width: auto !important;"> 6</div> <div class="line number7 index6 alt2" style="-webkit-box-shadow: none !important; background-image: none !important; border-bottom-left-radius: 0px !important; border-bottom-right-radius: 0px !important; border-right-color: rgb(108, 226, 108) !important; border-right-style: solid !important; border-top-left-radius: 0px !important; border-top-right-radius: 0px !important; border-width: 0px 3px 0px 0px !important; bottom: auto !important; box-shadow: none !important; box-sizing: content-box !important; direction: ltr !important; float: none !important; font-size: 1em !important; height: auto !important; left: auto !important; line-height: 1.1em !important; margin: 0px !important; outline: 0px !important; overflow: visible !important; padding: 0px 0.5em 0px 1em !important; position: static !important; right: auto !important; text-align: right !important; top: auto !important; vertical-align: baseline !important; white-space: pre !important; width: auto !important;"> 7</div> </td><td class="code" style="-webkit-box-shadow: none !important; background-image: none !important; border-bottom-left-radius: 0px !important; border-bottom-right-radius: 0px !important; border-top-left-radius: 0px !important; border-top-right-radius: 0px !important; border: 0px !important; bottom: auto !important; box-shadow: none !important; box-sizing: content-box !important; direction: ltr !important; float: none !important; font-size: 1em !important; height: auto !important; left: auto !important; line-height: 1.1em !important; margin: 0px !important; outline: 0px !important; overflow: visible !important; padding: 0px !important; position: static !important; right: auto !important; top: auto !important; vertical-align: baseline !important; width: 1356px;"><div class="container" style="-webkit-box-shadow: none !important; background-image: none !important; border-bottom-left-radius: 0px !important; border-bottom-right-radius: 0px !important; border-top-left-radius: 0px !important; border-top-right-radius: 0px !important; border: 0px !important; bottom: auto !important; box-shadow: none !important; box-sizing: content-box !important; direction: ltr !important; float: none !important; font-size: 1em !important; height: auto !important; left: auto !important; line-height: 1.1em !important; margin: 0px !important; outline: 0px !important; overflow: visible !important; padding: 0px !important; position: relative !important; right: auto !important; top: auto !important; vertical-align: baseline !important; width: auto !important;"> <div class="line number1 index0 alt2" style="-webkit-box-shadow: none !important; background-image: none !important; border-bottom-left-radius: 0px !important; border-bottom-right-radius: 0px !important; border-top-left-radius: 0px !important; border-top-right-radius: 0px !important; border: 0px !important; bottom: auto !important; box-shadow: none !important; box-sizing: content-box !important; direction: ltr !important; float: none !important; font-size: 1em !important; height: auto !important; left: auto !important; line-height: 1.1em !important; margin: 0px !important; outline: 0px !important; overflow: visible !important; padding: 0px 1em !important; position: static !important; right: auto !important; top: auto !important; vertical-align: baseline !important; white-space: pre !important; width: auto !important;"> <code class="plain plain" style="-webkit-box-shadow: none !important; background-image: none !important; border-bottom-left-radius: 0px !important; border-bottom-right-radius: 0px !important; border-top-left-radius: 0px !important; border-top-right-radius: 0px !important; border: 0px !important; bottom: auto !important; box-shadow: none !important; box-sizing: content-box !important; color: black !important; direction: ltr !important; display: inline !important; float: none !important; font-family: Consolas, 'Bitstream Vera Sans Mono', 'Courier New', Courier, monospace !important; font-size: 1em !important; height: auto !important; left: auto !important; line-height: 1.1em !important; margin: 0px !important; outline: 0px !important; overflow: visible !important; padding: 0px !important; position: static !important; right: auto !important; top: auto !important; vertical-align: baseline !important; width: auto !important;">francisco@sherminator:~/Desktop/binwalk-0.3.9/src$ ./binwalk for300-47106ef450c4d70ae95212b93f11d05d</code></div> <div class="line number2 index1 alt1" style="-webkit-box-shadow: none !important; background-image: none !important; border-bottom-left-radius: 0px !important; border-bottom-right-radius: 0px !important; border-top-left-radius: 0px !important; border-top-right-radius: 0px !important; border: 0px !important; bottom: auto !important; box-shadow: none !important; box-sizing: content-box !important; direction: ltr !important; float: none !important; font-size: 1em !important; height: auto !important; left: auto !important; line-height: 1.1em !important; margin: 0px !important; outline: 0px !important; overflow: visible !important; padding: 0px 1em !important; position: static !important; right: auto !important; top: auto !important; vertical-align: baseline !important; white-space: pre !important; width: auto !important;">  </div> <div class="line number3 index2 alt2" style="-webkit-box-shadow: none !important; background-image: none !important; border-bottom-left-radius: 0px !important; border-bottom-right-radius: 0px !important; border-top-left-radius: 0px !important; border-top-right-radius: 0px !important; border: 0px !important; bottom: auto !important; box-shadow: none !important; box-sizing: content-box !important; direction: ltr !important; float: none !important; font-size: 1em !important; height: auto !important; left: auto !important; line-height: 1.1em !important; margin: 0px !important; outline: 0px !important; overflow: visible !important; padding: 0px 1em !important; position: static !important; right: auto !important; top: auto !important; vertical-align: baseline !important; white-space: pre !important; width: auto !important;"> <code class="plain plain" style="-webkit-box-shadow: none !important; background-image: none !important; border-bottom-left-radius: 0px !important; border-bottom-right-radius: 0px !important; border-top-left-radius: 0px !important; border-top-right-radius: 0px !important; border: 0px !important; bottom: auto !important; box-shadow: none !important; box-sizing: content-box !important; color: black !important; direction: ltr !important; display: inline !important; float: none !important; font-family: Consolas, 'Bitstream Vera Sans Mono', 'Courier New', Courier, monospace !important; font-size: 1em !important; height: auto !important; left: auto !important; line-height: 1.1em !important; margin: 0px !important; outline: 0px !important; overflow: visible !important; padding: 0px !important; position: static !important; right: auto !important; top: auto !important; vertical-align: baseline !important; width: auto !important;">DECIMAL       HEX           DESCRIPTION</code></div> <div class="line number4 index3 alt1" style="-webkit-box-shadow: none !important; background-image: none !important; border-bottom-left-radius: 0px !important; border-bottom-right-radius: 0px !important; border-top-left-radius: 0px !important; border-top-right-radius: 0px !important; border: 0px !important; bottom: auto !important; box-shadow: none !important; box-sizing: content-box !important; direction: ltr !important; float: none !important; font-size: 1em !important; height: auto !important; left: auto !important; line-height: 1.1em !important; margin: 0px !important; outline: 0px !important; overflow: visible !important; padding: 0px 1em !important; position: static !important; right: auto !important; top: auto !important; vertical-align: baseline !important; white-space: pre !important; width: auto !important;"> <code class="plain plain" style="-webkit-box-shadow: none !important; background-image: none !important; border-bottom-left-radius: 0px !important; border-bottom-right-radius: 0px !important; border-top-left-radius: 0px !important; border-top-right-radius: 0px !important; border: 0px !important; bottom: auto !important; box-shadow: none !important; box-sizing: content-box !important; color: black !important; direction: ltr !important; display: inline !important; float: none !important; font-family: Consolas, 'Bitstream Vera Sans Mono', 'Courier New', Courier, monospace !important; font-size: 1em !important; height: auto !important; left: auto !important; line-height: 1.1em !important; margin: 0px !important; outline: 0px !important; overflow: visible !important; padding: 0px !important; position: static !important; right: auto !important; top: auto !important; vertical-align: baseline !important; width: auto !important;">-------------------------------------------------------------------------------------------------------</code></div> <div class="line number5 index4 alt2" style="-webkit-box-shadow: none !important; background-image: none !important; border-bottom-left-radius: 0px !important; border-bottom-right-radius: 0px !important; border-top-left-radius: 0px !important; border-top-right-radius: 0px !important; border: 0px !important; bottom: auto !important; box-shadow: none !important; box-sizing: content-box !important; direction: ltr !important; float: none !important; font-size: 1em !important; height: auto !important; left: auto !important; line-height: 1.1em !important; margin: 0px !important; outline: 0px !important; overflow: visible !important; padding: 0px 1em !important; position: static !important; right: auto !important; top: auto !important; vertical-align: baseline !important; white-space: pre !important; width: auto !important;"> <code class="plain plain" style="-webkit-box-shadow: none !important; background-image: none !important; border-bottom-left-radius: 0px !important; border-bottom-right-radius: 0px !important; border-top-left-radius: 0px !important; border-top-right-radius: 0px !important; border: 0px !important; bottom: auto !important; box-shadow: none !important; box-sizing: content-box !important; color: black !important; direction: ltr !important; display: inline !important; float: none !important; font-family: Consolas, 'Bitstream Vera Sans Mono', 'Courier New', Courier, monospace !important; font-size: 1em !important; height: auto !important; left: auto !important; line-height: 1.1em !important; margin: 0px !important; outline: 0px !important; overflow: visible !important; padding: 0px !important; position: static !important; right: auto !important; top: auto !important; vertical-align: baseline !important; width: auto !important;">108           0x6C          LZMA compressed data, properties: 0x5D, dictionary size: 33554432 bytes, uncompressed size: 3008436 bytes</code></div> <div class="line number6 index5 alt1" style="-webkit-box-shadow: none !important; background-image: none !important; border-bottom-left-radius: 0px !important; border-bottom-right-radius: 0px !important; border-top-left-radius: 0px !important; border-top-right-radius: 0px !important; border: 0px !important; bottom: auto !important; box-shadow: none !important; box-sizing: content-box !important; direction: ltr !important; float: none !important; font-size: 1em !important; height: auto !important; left: auto !important; line-height: 1.1em !important; margin: 0px !important; outline: 0px !important; overflow: visible !important; padding: 0px 1em !important; position: static !important; right: auto !important; top: auto !important; vertical-align: baseline !important; white-space: pre !important; width: auto !important;"> <code class="plain plain" style="-webkit-box-shadow: none !important; background-image: none !important; border-bottom-left-radius: 0px !important; border-bottom-right-radius: 0px !important; border-top-left-radius: 0px !important; border-top-right-radius: 0px !important; border: 0px !important; bottom: auto !important; box-shadow: none !important; box-sizing: content-box !important; color: black !important; direction: ltr !important; display: inline !important; float: none !important; font-family: Consolas, 'Bitstream Vera Sans Mono', 'Courier New', Courier, monospace !important; font-size: 1em !important; height: auto !important; left: auto !important; line-height: 1.1em !important; margin: 0px !important; outline: 0px !important; overflow: visible !important; padding: 0px !important; position: static !important; right: auto !important; top: auto !important; vertical-align: baseline !important; width: auto !important;">983148        0xF006C       PackImg Tag, little endian size: 14690560 bytes; big endian size: 2744320 bytes</code></div> <div class="line number7 index6 alt2" style="-webkit-box-shadow: none !important; background-image: none !important; border-bottom-left-radius: 0px !important; border-bottom-right-radius: 0px !important; border-top-left-radius: 0px !important; border-top-right-radius: 0px !important; border: 0px !important; bottom: auto !important; box-shadow: none !important; box-sizing: content-box !important; direction: ltr !important; float: none !important; font-size: 1em !important; height: auto !important; left: auto !important; line-height: 1.1em !important; margin: 0px !important; outline: 0px !important; overflow: visible !important; padding: 0px 1em !important; position: static !important; right: auto !important; top: auto !important; vertical-align: baseline !important; white-space: pre !important; width: auto !important;"> <code class="plain plain" style="-webkit-box-shadow: none !important; background-image: none !important; border-bottom-left-radius: 0px !important; border-bottom-right-radius: 0px !important; border-top-left-radius: 0px !important; border-top-right-radius: 0px !important; border: 0px !important; bottom: auto !important; box-shadow: none !important; box-sizing: content-box !important; color: black !important; direction: ltr !important; display: inline !important; float: none !important; font-family: Consolas, 'Bitstream Vera Sans Mono', 'Courier New', Courier, monospace !important; font-size: 1em !important; height: auto !important; left: auto !important; line-height: 1.1em !important; margin: 0px !important; outline: 0px !important; overflow: visible !important; padding: 0px !important; position: static !important; right: auto !important; top: auto !important; vertical-align: baseline !important; width: auto !important;">983180        0xF008C       Squashfs filesystem, little endian, version 4.0, size: 724610815 bytes, 1470 inodes, blocksize: 0 bytes, created: Sat Mar  6 09:29:04 1993</code></div> </div> </td></tr> </tbody></table> </div> </div> <div style="background-color: white; border: 0px; color: #666666; font-family: Bitter, sans-serif; font-size: 14px; line-height: 28px; margin-bottom: 1.5em; outline: 0px; padding: 0px; vertical-align: baseline;"> We have a Squashfs in there, a read-only filesystem that is used on Live CDs and router firmware. We will try to extract that filesystem using <a href="https://code.google.com/p/firmware-mod-kit/" style="border: 0px; color: #759b22; font-family: inherit; font-style: inherit; font-weight: inherit; margin: 0px; outline: 0px; padding: 0px; text-decoration: none; vertical-align: baseline;">firmware-mod-kit</a>:</div> <div style="background-color: white; border: 0px; color: #666666; font-family: Bitter, sans-serif; font-size: 14px; line-height: 28px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;"> <div class="syntaxhighlighter plain" id="highlighter_850741" style="border: 0px; font-family: inherit; font-size: 1em !important; font-style: inherit; font-weight: inherit; margin: 1em 0px !important; outline: 0px; overflow-x: auto !important; overflow-y: hidden !important; padding: 0px; position: relative !important; vertical-align: baseline; width: 800px;"> <table border="0" cellpadding="0" cellspacing="0" style="-webkit-box-shadow: none !important; background-image: none !important; border-bottom-left-radius: 0px !important; border-bottom-right-radius: 0px !important; border-spacing: 0px; border-top-left-radius: 0px !important; border-top-right-radius: 0px !important; border: 0px !important; bottom: auto !important; box-shadow: none !important; box-sizing: content-box !important; color: #777777; direction: ltr !important; float: none !important; font-family: Consolas, 'Bitstream Vera Sans Mono', 'Courier New', Courier, monospace !important; font-size: 1em !important; height: auto !important; left: auto !important; line-height: 1.1em !important; margin: 0px !important; outline: 0px !important; overflow: visible !important; padding: 0px !important; position: static !important; right: auto !important; top: auto !important; vertical-align: baseline !important; width: 964px;"><tbody style="-webkit-box-shadow: none !important; background-image: none !important; border-bottom-left-radius: 0px !important; border-bottom-right-radius: 0px !important; border-top-left-radius: 0px !important; border-top-right-radius: 0px !important; border: 0px !important; bottom: auto !important; box-shadow: none !important; box-sizing: content-box !important; direction: ltr !important; float: none !important; font-size: 1em !important; height: auto !important; left: auto !important; line-height: 1.1em !important; margin: 0px !important; outline: 0px !important; overflow: visible !important; padding: 0px !important; position: static !important; right: auto !important; top: auto !important; vertical-align: baseline !important; width: auto !important;"> <tr style="-webkit-box-shadow: none !important; background-image: none !important; border-bottom-left-radius: 0px !important; border-bottom-right-radius: 0px !important; border-top-left-radius: 0px !important; border-top-right-radius: 0px !important; border: 0px !important; bottom: auto !important; box-shadow: none !important; box-sizing: content-box !important; direction: ltr !important; float: none !important; font-size: 1em !important; height: auto !important; left: auto !important; line-height: 1.1em !important; margin: 0px !important; outline: 0px !important; overflow: visible !important; padding: 0px !important; position: static !important; right: auto !important; top: auto !important; vertical-align: baseline !important; width: auto !important;"><td class="gutter" style="-webkit-box-shadow: none !important; background-image: none !important; border-bottom-left-radius: 0px !important; border-bottom-right-radius: 0px !important; border-top-left-radius: 0px !important; border-top-right-radius: 0px !important; border: 0px !important; bottom: auto !important; box-shadow: none !important; box-sizing: content-box !important; color: rgb(175, 175, 175) !important; direction: ltr !important; float: none !important; font-size: 1em !important; height: auto !important; left: auto !important; line-height: 1.1em !important; margin: 0px !important; outline: 0px !important; overflow: visible !important; padding: 0px !important; position: static !important; right: auto !important; top: auto !important; vertical-align: baseline !important; width: auto !important;"><div class="line number1 index0 alt2" style="-webkit-box-shadow: none !important; background-image: none !important; border-bottom-left-radius: 0px !important; border-bottom-right-radius: 0px !important; border-right-color: rgb(108, 226, 108) !important; border-right-style: solid !important; border-top-left-radius: 0px !important; border-top-right-radius: 0px !important; border-width: 0px 3px 0px 0px !important; bottom: auto !important; box-shadow: none !important; box-sizing: content-box !important; direction: ltr !important; float: none !important; font-size: 1em !important; height: auto !important; left: auto !important; line-height: 1.1em !important; margin: 0px !important; outline: 0px !important; overflow: visible !important; padding: 0px 0.5em 0px 1em !important; position: static !important; right: auto !important; text-align: right !important; top: auto !important; vertical-align: baseline !important; white-space: pre !important; width: auto !important;"> 1</div> </td><td class="code" style="-webkit-box-shadow: none !important; background-image: none !important; border-bottom-left-radius: 0px !important; border-bottom-right-radius: 0px !important; border-top-left-radius: 0px !important; border-top-right-radius: 0px !important; border: 0px !important; bottom: auto !important; box-shadow: none !important; box-sizing: content-box !important; direction: ltr !important; float: none !important; font-size: 1em !important; height: auto !important; left: auto !important; line-height: 1.1em !important; margin: 0px !important; outline: 0px !important; overflow: visible !important; padding: 0px !important; position: static !important; right: auto !important; top: auto !important; vertical-align: baseline !important; width: 932px;"><div class="container" style="-webkit-box-shadow: none !important; background-image: none !important; border-bottom-left-radius: 0px !important; border-bottom-right-radius: 0px !important; border-top-left-radius: 0px !important; border-top-right-radius: 0px !important; border: 0px !important; bottom: auto !important; box-shadow: none !important; box-sizing: content-box !important; direction: ltr !important; float: none !important; font-size: 1em !important; height: auto !important; left: auto !important; line-height: 1.1em !important; margin: 0px !important; outline: 0px !important; overflow: visible !important; padding: 0px !important; position: relative !important; right: auto !important; top: auto !important; vertical-align: baseline !important; width: auto !important;"> <div class="line number1 index0 alt2" style="-webkit-box-shadow: none !important; background-image: none !important; border-bottom-left-radius: 0px !important; border-bottom-right-radius: 0px !important; border-top-left-radius: 0px !important; border-top-right-radius: 0px !important; border: 0px !important; bottom: auto !important; box-shadow: none !important; box-sizing: content-box !important; direction: ltr !important; float: none !important; font-size: 1em !important; height: auto !important; left: auto !important; line-height: 1.1em !important; margin: 0px !important; outline: 0px !important; overflow: visible !important; padding: 0px 1em !important; position: static !important; right: auto !important; top: auto !important; vertical-align: baseline !important; white-space: pre !important; width: auto !important;"> <code class="plain plain" style="-webkit-box-shadow: none !important; background-image: none !important; border-bottom-left-radius: 0px !important; border-bottom-right-radius: 0px !important; border-top-left-radius: 0px !important; border-top-right-radius: 0px !important; border: 0px !important; bottom: auto !important; box-shadow: none !important; box-sizing: content-box !important; color: black !important; direction: ltr !important; display: inline !important; float: none !important; font-family: Consolas, 'Bitstream Vera Sans Mono', 'Courier New', Courier, monospace !important; font-size: 1em !important; height: auto !important; left: auto !important; line-height: 1.1em !important; margin: 0px !important; outline: 0px !important; overflow: visible !important; padding: 0px !important; position: static !important; right: auto !important; top: auto !important; vertical-align: baseline !important; width: auto !important;">francisco@sherminator:~/firmware-mod-kit-read-only/trunk$ ./extract-ng.sh for300-47106ef450c4d70ae95212b93f11d05d</code></div> </div> </td></tr> </tbody></table> </div> </div> <div style="background-color: white; border: 0px; color: #666666; font-family: Bitter, sans-serif; font-size: 14px; line-height: 28px; margin-bottom: 1.5em; outline: 0px; padding: 0px; vertical-align: baseline;"> After a few minutes, firmware-mod-kit tells us that it finished its job, and that the output  is located at the <em style="border: 0px; font-family: inherit; font-weight: inherit; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">fmk/</em>directory.</div> <div style="background-color: white; border: 0px; color: #666666; font-family: Bitter, sans-serif; font-size: 14px; line-height: 28px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;"> <div class="syntaxhighlighter plain" id="highlighter_531594" style="border: 0px; font-family: inherit; font-size: 1em !important; font-style: inherit; font-weight: inherit; margin: 1em 0px !important; outline: 0px; overflow-x: auto !important; overflow-y: hidden !important; padding: 0px; position: relative !important; vertical-align: baseline; width: 800px;"> <table border="0" cellpadding="0" cellspacing="0" style="-webkit-box-shadow: none !important; background-image: none !important; border-bottom-left-radius: 0px !important; border-bottom-right-radius: 0px !important; border-spacing: 0px; border-top-left-radius: 0px !important; border-top-right-radius: 0px !important; border: 0px !important; bottom: auto !important; box-shadow: none !important; box-sizing: content-box !important; color: #777777; direction: ltr !important; float: none !important; font-family: Consolas, 'Bitstream Vera Sans Mono', 'Courier New', Courier, monospace !important; font-size: 1em !important; height: auto !important; left: auto !important; line-height: 1.1em !important; margin: 0px !important; outline: 0px !important; overflow: visible !important; padding: 0px !important; position: static !important; right: auto !important; top: auto !important; vertical-align: baseline !important; width: 800px;"><tbody style="-webkit-box-shadow: none !important; background-image: none !important; border-bottom-left-radius: 0px !important; border-bottom-right-radius: 0px !important; border-top-left-radius: 0px !important; border-top-right-radius: 0px !important; border: 0px !important; bottom: auto !important; box-shadow: none !important; box-sizing: content-box !important; direction: ltr !important; float: none !important; font-size: 1em !important; height: auto !important; left: auto !important; line-height: 1.1em !important; margin: 0px !important; outline: 0px !important; overflow: visible !important; padding: 0px !important; position: static !important; right: auto !important; top: auto !important; vertical-align: baseline !important; width: auto !important;"> <tr style="-webkit-box-shadow: none !important; background-image: none !important; border-bottom-left-radius: 0px !important; border-bottom-right-radius: 0px !important; border-top-left-radius: 0px !important; border-top-right-radius: 0px !important; border: 0px !important; bottom: auto !important; box-shadow: none !important; box-sizing: content-box !important; direction: ltr !important; float: none !important; font-size: 1em !important; height: auto !important; left: auto !important; line-height: 1.1em !important; margin: 0px !important; outline: 0px !important; overflow: visible !important; padding: 0px !important; position: static !important; right: auto !important; top: auto !important; vertical-align: baseline !important; width: auto !important;"><td class="gutter" style="-webkit-box-shadow: none !important; background-image: none !important; border-bottom-left-radius: 0px !important; border-bottom-right-radius: 0px !important; border-top-left-radius: 0px !important; border-top-right-radius: 0px !important; border: 0px !important; bottom: auto !important; box-shadow: none !important; box-sizing: content-box !important; color: rgb(175, 175, 175) !important; direction: ltr !important; float: none !important; font-size: 1em !important; height: auto !important; left: auto !important; line-height: 1.1em !important; margin: 0px !important; outline: 0px !important; overflow: visible !important; padding: 0px !important; position: static !important; right: auto !important; top: auto !important; vertical-align: baseline !important; width: auto !important;"><div class="line number1 index0 alt2" style="-webkit-box-shadow: none !important; background-image: none !important; border-bottom-left-radius: 0px !important; border-bottom-right-radius: 0px !important; border-right-color: rgb(108, 226, 108) !important; border-right-style: solid !important; border-top-left-radius: 0px !important; border-top-right-radius: 0px !important; border-width: 0px 3px 0px 0px !important; bottom: auto !important; box-shadow: none !important; box-sizing: content-box !important; direction: ltr !important; float: none !important; font-size: 1em !important; height: auto !important; left: auto !important; line-height: 1.1em !important; margin: 0px !important; outline: 0px !important; overflow: visible !important; padding: 0px 0.5em 0px 1em !important; position: static !important; right: auto !important; text-align: right !important; top: auto !important; vertical-align: baseline !important; white-space: pre !important; width: auto !important;"> 1</div> <div class="line number2 index1 alt1" style="-webkit-box-shadow: none !important; background-image: none !important; border-bottom-left-radius: 0px !important; border-bottom-right-radius: 0px !important; border-right-color: rgb(108, 226, 108) !important; border-right-style: solid !important; border-top-left-radius: 0px !important; border-top-right-radius: 0px !important; border-width: 0px 3px 0px 0px !important; bottom: auto !important; box-shadow: none !important; box-sizing: content-box !important; direction: ltr !important; float: none !important; font-size: 1em !important; height: auto !important; left: auto !important; line-height: 1.1em !important; margin: 0px !important; outline: 0px !important; overflow: visible !important; padding: 0px 0.5em 0px 1em !important; position: static !important; right: auto !important; text-align: right !important; top: auto !important; vertical-align: baseline !important; white-space: pre !important; width: auto !important;"> 2</div> </td><td class="code" style="-webkit-box-shadow: none !important; background-image: none !important; border-bottom-left-radius: 0px !important; border-bottom-right-radius: 0px !important; border-top-left-radius: 0px !important; border-top-right-radius: 0px !important; border: 0px !important; bottom: auto !important; box-shadow: none !important; box-sizing: content-box !important; direction: ltr !important; float: none !important; font-size: 1em !important; height: auto !important; left: auto !important; line-height: 1.1em !important; margin: 0px !important; outline: 0px !important; overflow: visible !important; padding: 0px !important; position: static !important; right: auto !important; top: auto !important; vertical-align: baseline !important; width: 768px;"><div class="container" style="-webkit-box-shadow: none !important; background-image: none !important; border-bottom-left-radius: 0px !important; border-bottom-right-radius: 0px !important; border-top-left-radius: 0px !important; border-top-right-radius: 0px !important; border: 0px !important; bottom: auto !important; box-shadow: none !important; box-sizing: content-box !important; direction: ltr !important; float: none !important; font-size: 1em !important; height: auto !important; left: auto !important; line-height: 1.1em !important; margin: 0px !important; outline: 0px !important; overflow: visible !important; padding: 0px !important; position: relative !important; right: auto !important; top: auto !important; vertical-align: baseline !important; width: auto !important;"> <div class="line number1 index0 alt2" style="-webkit-box-shadow: none !important; background-image: none !important; border-bottom-left-radius: 0px !important; border-bottom-right-radius: 0px !important; border-top-left-radius: 0px !important; border-top-right-radius: 0px !important; border: 0px !important; bottom: auto !important; box-shadow: none !important; box-sizing: content-box !important; direction: ltr !important; float: none !important; font-size: 1em !important; height: auto !important; left: auto !important; line-height: 1.1em !important; margin: 0px !important; outline: 0px !important; overflow: visible !important; padding: 0px 1em !important; position: static !important; right: auto !important; top: auto !important; vertical-align: baseline !important; white-space: pre !important; width: auto !important;"> <code class="plain plain" style="-webkit-box-shadow: none !important; background-image: none !important; border-bottom-left-radius: 0px !important; border-bottom-right-radius: 0px !important; border-top-left-radius: 0px !important; border-top-right-radius: 0px !important; border: 0px !important; bottom: auto !important; box-shadow: none !important; box-sizing: content-box !important; color: black !important; direction: ltr !important; display: inline !important; float: none !important; font-family: Consolas, 'Bitstream Vera Sans Mono', 'Courier New', Courier, monospace !important; font-size: 1em !important; height: auto !important; left: auto !important; line-height: 1.1em !important; margin: 0px !important; outline: 0px !important; overflow: visible !important; padding: 0px !important; position: static !important; right: auto !important; top: auto !important; vertical-align: baseline !important; width: auto !important;">francisco@sherminator:~/Desktop/fmk$ ls</code></div> <div class="line number2 index1 alt1" style="-webkit-box-shadow: none !important; background-image: none !important; border-bottom-left-radius: 0px !important; border-bottom-right-radius: 0px !important; border-top-left-radius: 0px !important; border-top-right-radius: 0px !important; border: 0px !important; bottom: auto !important; box-shadow: none !important; box-sizing: content-box !important; direction: ltr !important; float: none !important; font-size: 1em !important; height: auto !important; left: auto !important; line-height: 1.1em !important; margin: 0px !important; outline: 0px !important; overflow: visible !important; padding: 0px 1em !important; position: static !important; right: auto !important; top: auto !important; vertical-align: baseline !important; white-space: pre !important; width: auto !important;"> <code class="plain plain" style="-webkit-box-shadow: none !important; background-image: none !important; border-bottom-left-radius: 0px !important; border-bottom-right-radius: 0px !important; border-top-left-radius: 0px !important; border-top-right-radius: 0px !important; border: 0px !important; bottom: auto !important; box-shadow: none !important; box-sizing: content-box !important; color: black !important; direction: ltr !important; display: inline !important; float: none !important; font-family: Consolas, 'Bitstream Vera Sans Mono', 'Courier New', Courier, monospace !important; font-size: 1em !important; height: auto !important; left: auto !important; line-height: 1.1em !important; margin: 0px !important; outline: 0px !important; overflow: visible !important; padding: 0px !important; position: static !important; right: auto !important; top: auto !important; vertical-align: baseline !important; width: auto !important;">image_parts  logs  rootfs</code></div> </div> </td></tr> </tbody></table> </div> </div> <div style="background-color: white; border: 0px; color: #666666; font-family: Bitter, sans-serif; font-size: 14px; line-height: 28px; margin-bottom: 1.5em; outline: 0px; padding: 0px; vertical-align: baseline;"> There we have the filesystem of the firmware, right in the <strong style="border: 0px; font-family: inherit; font-style: inherit; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">rootfs</strong> directory. Let’s see what can we find there:</div> <div style="background-color: white; border: 0px; color: #666666; font-family: Bitter, sans-serif; font-size: 14px; line-height: 28px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;"> <div class="syntaxhighlighter plain" id="highlighter_287303" style="border: 0px; font-family: inherit; font-size: 1em !important; font-style: inherit; font-weight: inherit; margin: 1em 0px !important; outline: 0px; overflow-x: auto !important; overflow-y: hidden !important; padding: 0px; position: relative !important; vertical-align: baseline; width: 800px;"> <table border="0" cellpadding="0" cellspacing="0" style="-webkit-box-shadow: none !important; background-image: none !important; border-bottom-left-radius: 0px !important; border-bottom-right-radius: 0px !important; border-spacing: 0px; border-top-left-radius: 0px !important; border-top-right-radius: 0px !important; border: 0px !important; bottom: auto !important; box-shadow: none !important; box-sizing: content-box !important; color: #777777; direction: ltr !important; float: none !important; font-family: Consolas, 'Bitstream Vera Sans Mono', 'Courier New', Courier, monospace !important; font-size: 1em !important; height: auto !important; left: auto !important; line-height: 1.1em !important; margin: 0px !important; outline: 0px !important; overflow: visible !important; padding: 0px !important; position: static !important; right: auto !important; top: auto !important; vertical-align: baseline !important; width: 800px;"><tbody style="-webkit-box-shadow: none !important; background-image: none !important; border-bottom-left-radius: 0px !important; border-bottom-right-radius: 0px !important; border-top-left-radius: 0px !important; border-top-right-radius: 0px !important; border: 0px !important; bottom: auto !important; box-shadow: none !important; box-sizing: content-box !important; direction: ltr !important; float: none !important; font-size: 1em !important; height: auto !important; left: auto !important; line-height: 1.1em !important; margin: 0px !important; outline: 0px !important; overflow: visible !important; padding: 0px !important; position: static !important; right: auto !important; top: auto !important; vertical-align: baseline !important; width: auto !important;"> <tr style="-webkit-box-shadow: none !important; background-image: none !important; border-bottom-left-radius: 0px !important; border-bottom-right-radius: 0px !important; border-top-left-radius: 0px !important; border-top-right-radius: 0px !important; border: 0px !important; bottom: auto !important; box-shadow: none !important; box-sizing: content-box !important; direction: ltr !important; float: none !important; font-size: 1em !important; height: auto !important; left: auto !important; line-height: 1.1em !important; margin: 0px !important; outline: 0px !important; overflow: visible !important; padding: 0px !important; position: static !important; right: auto !important; top: auto !important; vertical-align: baseline !important; width: auto !important;"><td class="gutter" style="-webkit-box-shadow: none !important; background-image: none !important; border-bottom-left-radius: 0px !important; border-bottom-right-radius: 0px !important; border-top-left-radius: 0px !important; border-top-right-radius: 0px !important; border: 0px !important; bottom: auto !important; box-shadow: none !important; box-sizing: content-box !important; color: rgb(175, 175, 175) !important; direction: ltr !important; float: none !important; font-size: 1em !important; height: auto !important; left: auto !important; line-height: 1.1em !important; margin: 0px !important; outline: 0px !important; overflow: visible !important; padding: 0px !important; position: static !important; right: auto !important; top: auto !important; vertical-align: baseline !important; width: auto !important;"><div class="line number1 index0 alt2" style="-webkit-box-shadow: none !important; background-image: none !important; border-bottom-left-radius: 0px !important; border-bottom-right-radius: 0px !important; border-right-color: rgb(108, 226, 108) !important; border-right-style: solid !important; border-top-left-radius: 0px !important; border-top-right-radius: 0px !important; border-width: 0px 3px 0px 0px !important; bottom: auto !important; box-shadow: none !important; box-sizing: content-box !important; direction: ltr !important; float: none !important; font-size: 1em !important; height: auto !important; left: auto !important; line-height: 1.1em !important; margin: 0px !important; outline: 0px !important; overflow: visible !important; padding: 0px 0.5em 0px 1em !important; position: static !important; right: auto !important; text-align: right !important; top: auto !important; vertical-align: baseline !important; white-space: pre !important; width: auto !important;"> 1</div> <div class="line number2 index1 alt1" style="-webkit-box-shadow: none !important; background-image: none !important; border-bottom-left-radius: 0px !important; border-bottom-right-radius: 0px !important; border-right-color: rgb(108, 226, 108) !important; border-right-style: solid !important; border-top-left-radius: 0px !important; border-top-right-radius: 0px !important; border-width: 0px 3px 0px 0px !important; bottom: auto !important; box-shadow: none !important; box-sizing: content-box !important; direction: ltr !important; float: none !important; font-size: 1em !important; height: auto !important; left: auto !important; line-height: 1.1em !important; margin: 0px !important; outline: 0px !important; overflow: visible !important; padding: 0px 0.5em 0px 1em !important; position: static !important; right: auto !important; text-align: right !important; top: auto !important; vertical-align: baseline !important; white-space: pre !important; width: auto !important;"> 2</div> </td><td class="code" style="-webkit-box-shadow: none !important; background-image: none !important; border-bottom-left-radius: 0px !important; border-bottom-right-radius: 0px !important; border-top-left-radius: 0px !important; border-top-right-radius: 0px !important; border: 0px !important; bottom: auto !important; box-shadow: none !important; box-sizing: content-box !important; direction: ltr !important; float: none !important; font-size: 1em !important; height: auto !important; left: auto !important; line-height: 1.1em !important; margin: 0px !important; outline: 0px !important; overflow: visible !important; padding: 0px !important; position: static !important; right: auto !important; top: auto !important; vertical-align: baseline !important; width: 768px;"><div class="container" style="-webkit-box-shadow: none !important; background-image: none !important; border-bottom-left-radius: 0px !important; border-bottom-right-radius: 0px !important; border-top-left-radius: 0px !important; border-top-right-radius: 0px !important; border: 0px !important; bottom: auto !important; box-shadow: none !important; box-sizing: content-box !important; direction: ltr !important; float: none !important; font-size: 1em !important; height: auto !important; left: auto !important; line-height: 1.1em !important; margin: 0px !important; outline: 0px !important; overflow: visible !important; padding: 0px !important; position: relative !important; right: auto !important; top: auto !important; vertical-align: baseline !important; width: auto !important;"> <div class="line number1 index0 alt2" style="-webkit-box-shadow: none !important; background-image: none !important; border-bottom-left-radius: 0px !important; border-bottom-right-radius: 0px !important; border-top-left-radius: 0px !important; border-top-right-radius: 0px !important; border: 0px !important; bottom: auto !important; box-shadow: none !important; box-sizing: content-box !important; direction: ltr !important; float: none !important; font-size: 1em !important; height: auto !important; left: auto !important; line-height: 1.1em !important; margin: 0px !important; outline: 0px !important; overflow: visible !important; padding: 0px 1em !important; position: static !important; right: auto !important; top: auto !important; vertical-align: baseline !important; white-space: pre !important; width: auto !important;"> <code class="plain plain" style="-webkit-box-shadow: none !important; background-image: none !important; border-bottom-left-radius: 0px !important; border-bottom-right-radius: 0px !important; border-top-left-radius: 0px !important; border-top-right-radius: 0px !important; border: 0px !important; bottom: auto !important; box-shadow: none !important; box-sizing: content-box !important; color: black !important; direction: ltr !important; display: inline !important; float: none !important; font-family: Consolas, 'Bitstream Vera Sans Mono', 'Courier New', Courier, monospace !important; font-size: 1em !important; height: auto !important; left: auto !important; line-height: 1.1em !important; margin: 0px !important; outline: 0px !important; overflow: visible !important; padding: 0px !important; position: static !important; right: auto !important; top: auto !important; vertical-align: baseline !important; width: auto !important;">francisco@sherminator:~/Desktop/fmk/rootfs$ ls</code></div> <div class="line number2 index1 alt1" style="-webkit-box-shadow: none !important; background-image: none !important; border-bottom-left-radius: 0px !important; border-bottom-right-radius: 0px !important; border-top-left-radius: 0px !important; border-top-right-radius: 0px !important; border: 0px !important; bottom: auto !important; box-shadow: none !important; box-sizing: content-box !important; direction: ltr !important; float: none !important; font-size: 1em !important; height: auto !important; left: auto !important; line-height: 1.1em !important; margin: 0px !important; outline: 0px !important; overflow: visible !important; padding: 0px 1em !important; position: static !important; right: auto !important; top: auto !important; vertical-align: baseline !important; white-space: pre !important; width: auto !important;"> <code class="plain plain" style="-webkit-box-shadow: none !important; background-image: none !important; border-bottom-left-radius: 0px !important; border-bottom-right-radius: 0px !important; border-top-left-radius: 0px !important; border-top-right-radius: 0px !important; border: 0px !important; bottom: auto !important; box-shadow: none !important; box-sizing: content-box !important; color: black !important; direction: ltr !important; display: inline !important; float: none !important; font-family: Consolas, 'Bitstream Vera Sans Mono', 'Courier New', Courier, monospace !important; font-size: 1em !important; height: auto !important; left: auto !important; line-height: 1.1em !important; margin: 0px !important; outline: 0px !important; overflow: visible !important; padding: 0px !important; position: static !important; right: auto !important; top: auto !important; vertical-align: baseline !important; width: auto !important;">bin  dev  etc  home  htdocs  lib  mnt  proc  sbin  sys  tmp  usr  var  www</code></div> </div> </td></tr> </tbody></table> </div> </div> <div style="background-color: white; border: 0px; color: #666666; font-family: Bitter, sans-serif; font-size: 14px; line-height: 28px; margin-bottom: 1.5em; outline: 0px; padding: 0px; vertical-align: baseline;"> Now let’s go straight to the <strong style="border: 0px; font-family: inherit; font-style: inherit; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">/home/dlink</strong> folder:</div> <div style="background-color: white; border: 0px; color: #666666; font-family: Bitter, sans-serif; font-size: 14px; line-height: 28px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;"> <div class="syntaxhighlighter plain" id="highlighter_245183" style="border: 0px; font-family: inherit; font-size: 1em !important; font-style: inherit; font-weight: inherit; margin: 1em 0px !important; outline: 0px; overflow-x: auto !important; overflow-y: hidden !important; padding: 0px; position: relative !important; vertical-align: baseline; width: 800px;"> <table border="0" cellpadding="0" cellspacing="0" style="-webkit-box-shadow: none !important; background-image: none !important; border-bottom-left-radius: 0px !important; border-bottom-right-radius: 0px !important; border-spacing: 0px; border-top-left-radius: 0px !important; border-top-right-radius: 0px !important; border: 0px !important; bottom: auto !important; box-shadow: none !important; box-sizing: content-box !important; color: #777777; direction: ltr !important; float: none !important; font-family: Consolas, 'Bitstream Vera Sans Mono', 'Courier New', Courier, monospace !important; font-size: 1em !important; height: auto !important; left: auto !important; line-height: 1.1em !important; margin: 0px !important; outline: 0px !important; overflow: visible !important; padding: 0px !important; position: static !important; right: auto !important; top: auto !important; vertical-align: baseline !important; width: 800px;"><tbody style="-webkit-box-shadow: none !important; background-image: none !important; border-bottom-left-radius: 0px !important; border-bottom-right-radius: 0px !important; border-top-left-radius: 0px !important; border-top-right-radius: 0px !important; border: 0px !important; bottom: auto !important; box-shadow: none !important; box-sizing: content-box !important; direction: ltr !important; float: none !important; font-size: 1em !important; height: auto !important; left: auto !important; line-height: 1.1em !important; margin: 0px !important; outline: 0px !important; overflow: visible !important; padding: 0px !important; position: static !important; right: auto !important; top: auto !important; vertical-align: baseline !important; width: auto !important;"> <tr style="-webkit-box-shadow: none !important; background-image: none !important; border-bottom-left-radius: 0px !important; border-bottom-right-radius: 0px !important; border-top-left-radius: 0px !important; border-top-right-radius: 0px !important; border: 0px !important; bottom: auto !important; box-shadow: none !important; box-sizing: content-box !important; direction: ltr !important; float: none !important; font-size: 1em !important; height: auto !important; left: auto !important; line-height: 1.1em !important; margin: 0px !important; outline: 0px !important; overflow: visible !important; padding: 0px !important; position: static !important; right: auto !important; top: auto !important; vertical-align: baseline !important; width: auto !important;"><td class="gutter" style="-webkit-box-shadow: none !important; background-image: none !important; border-bottom-left-radius: 0px !important; border-bottom-right-radius: 0px !important; border-top-left-radius: 0px !important; border-top-right-radius: 0px !important; border: 0px !important; bottom: auto !important; box-shadow: none !important; box-sizing: content-box !important; color: rgb(175, 175, 175) !important; direction: ltr !important; float: none !important; font-size: 1em !important; height: auto !important; left: auto !important; line-height: 1.1em !important; margin: 0px !important; outline: 0px !important; overflow: visible !important; padding: 0px !important; position: static !important; right: auto !important; top: auto !important; vertical-align: baseline !important; width: auto !important;"><div class="line number1 index0 alt2" style="-webkit-box-shadow: none !important; background-image: none !important; border-bottom-left-radius: 0px !important; border-bottom-right-radius: 0px !important; border-right-color: rgb(108, 226, 108) !important; border-right-style: solid !important; border-top-left-radius: 0px !important; border-top-right-radius: 0px !important; border-width: 0px 3px 0px 0px !important; bottom: auto !important; box-shadow: none !important; box-sizing: content-box !important; direction: ltr !important; float: none !important; font-size: 1em !important; height: auto !important; left: auto !important; line-height: 1.1em !important; margin: 0px !important; outline: 0px !important; overflow: visible !important; padding: 0px 0.5em 0px 1em !important; position: static !important; right: auto !important; text-align: right !important; top: auto !important; vertical-align: baseline !important; white-space: pre !important; width: auto !important;"> 1</div> <div class="line number2 index1 alt1" style="-webkit-box-shadow: none !important; background-image: none !important; border-bottom-left-radius: 0px !important; border-bottom-right-radius: 0px !important; border-right-color: rgb(108, 226, 108) !important; border-right-style: solid !important; border-top-left-radius: 0px !important; border-top-right-radius: 0px !important; border-width: 0px 3px 0px 0px !important; bottom: auto !important; box-shadow: none !important; box-sizing: content-box !important; direction: ltr !important; float: none !important; font-size: 1em !important; height: auto !important; left: auto !important; line-height: 1.1em !important; margin: 0px !important; outline: 0px !important; overflow: visible !important; padding: 0px 0.5em 0px 1em !important; position: static !important; right: auto !important; text-align: right !important; top: auto !important; vertical-align: baseline !important; white-space: pre !important; width: auto !important;"> 2</div> <div class="line number3 index2 alt2" style="-webkit-box-shadow: none !important; background-image: none !important; border-bottom-left-radius: 0px !important; border-bottom-right-radius: 0px !important; border-right-color: rgb(108, 226, 108) !important; border-right-style: solid !important; border-top-left-radius: 0px !important; border-top-right-radius: 0px !important; border-width: 0px 3px 0px 0px !important; bottom: auto !important; box-shadow: none !important; box-sizing: content-box !important; direction: ltr !important; float: none !important; font-size: 1em !important; height: auto !important; left: auto !important; line-height: 1.1em !important; margin: 0px !important; outline: 0px !important; overflow: visible !important; padding: 0px 0.5em 0px 1em !important; position: static !important; right: auto !important; text-align: right !important; top: auto !important; vertical-align: baseline !important; white-space: pre !important; width: auto !important;"> 3</div> <div class="line number4 index3 alt1" style="-webkit-box-shadow: none !important; background-image: none !important; border-bottom-left-radius: 0px !important; border-bottom-right-radius: 0px !important; border-right-color: rgb(108, 226, 108) !important; border-right-style: solid !important; border-top-left-radius: 0px !important; border-top-right-radius: 0px !important; border-width: 0px 3px 0px 0px !important; bottom: auto !important; box-shadow: none !important; box-sizing: content-box !important; direction: ltr !important; float: none !important; font-size: 1em !important; height: auto !important; left: auto !important; line-height: 1.1em !important; margin: 0px !important; outline: 0px !important; overflow: visible !important; padding: 0px 0.5em 0px 1em !important; position: static !important; right: auto !important; text-align: right !important; top: auto !important; vertical-align: baseline !important; white-space: pre !important; width: auto !important;"> 4</div> <div class="line number5 index4 alt2" style="-webkit-box-shadow: none !important; background-image: none !important; border-bottom-left-radius: 0px !important; border-bottom-right-radius: 0px !important; border-right-color: rgb(108, 226, 108) !important; border-right-style: solid !important; border-top-left-radius: 0px !important; border-top-right-radius: 0px !important; border-width: 0px 3px 0px 0px !important; bottom: auto !important; box-shadow: none !important; box-sizing: content-box !important; direction: ltr !important; float: none !important; font-size: 1em !important; height: auto !important; left: auto !important; line-height: 1.1em !important; margin: 0px !important; outline: 0px !important; overflow: visible !important; padding: 0px 0.5em 0px 1em !important; position: static !important; right: auto !important; text-align: right !important; top: auto !important; vertical-align: baseline !important; white-space: pre !important; width: auto !important;"> 5</div> </td><td class="code" style="-webkit-box-shadow: none !important; background-image: none !important; border-bottom-left-radius: 0px !important; border-bottom-right-radius: 0px !important; border-top-left-radius: 0px !important; border-top-right-radius: 0px !important; border: 0px !important; bottom: auto !important; box-shadow: none !important; box-sizing: content-box !important; direction: ltr !important; float: none !important; font-size: 1em !important; height: auto !important; left: auto !important; line-height: 1.1em !important; margin: 0px !important; outline: 0px !important; overflow: visible !important; padding: 0px !important; position: static !important; right: auto !important; top: auto !important; vertical-align: baseline !important; width: 768px;"><div class="container" style="-webkit-box-shadow: none !important; background-image: none !important; border-bottom-left-radius: 0px !important; border-bottom-right-radius: 0px !important; border-top-left-radius: 0px !important; border-top-right-radius: 0px !important; border: 0px !important; bottom: auto !important; box-shadow: none !important; box-sizing: content-box !important; direction: ltr !important; float: none !important; font-size: 1em !important; height: auto !important; left: auto !important; line-height: 1.1em !important; margin: 0px !important; outline: 0px !important; overflow: visible !important; padding: 0px !important; position: relative !important; right: auto !important; top: auto !important; vertical-align: baseline !important; width: auto !important;"> <div class="line number1 index0 alt2" style="-webkit-box-shadow: none !important; background-image: none !important; border-bottom-left-radius: 0px !important; border-bottom-right-radius: 0px !important; border-top-left-radius: 0px !important; border-top-right-radius: 0px !important; border: 0px !important; bottom: auto !important; box-shadow: none !important; box-sizing: content-box !important; direction: ltr !important; float: none !important; font-size: 1em !important; height: auto !important; left: auto !important; line-height: 1.1em !important; margin: 0px !important; outline: 0px !important; overflow: visible !important; padding: 0px 1em !important; position: static !important; right: auto !important; top: auto !important; vertical-align: baseline !important; white-space: pre !important; width: auto !important;"> <code class="plain plain" style="-webkit-box-shadow: none !important; background-image: none !important; border-bottom-left-radius: 0px !important; border-bottom-right-radius: 0px !important; border-top-left-radius: 0px !important; border-top-right-radius: 0px !important; border: 0px !important; bottom: auto !important; box-shadow: none !important; box-sizing: content-box !important; color: black !important; direction: ltr !important; display: inline !important; float: none !important; font-family: Consolas, 'Bitstream Vera Sans Mono', 'Courier New', Courier, monospace !important; font-size: 1em !important; height: auto !important; left: auto !important; line-height: 1.1em !important; margin: 0px !important; outline: 0px !important; overflow: visible !important; padding: 0px !important; position: static !important; right: auto !important; top: auto !important; vertical-align: baseline !important; width: auto !important;">francisco@sherminator:~/Desktop/fmk/rootfs/home/dlink$ ls -la</code></div> <div class="line number2 index1 alt1" style="-webkit-box-shadow: none !important; background-image: none !important; border-bottom-left-radius: 0px !important; border-bottom-right-radius: 0px !important; border-top-left-radius: 0px !important; border-top-right-radius: 0px !important; border: 0px !important; bottom: auto !important; box-shadow: none !important; box-sizing: content-box !important; direction: ltr !important; float: none !important; font-size: 1em !important; height: auto !important; left: auto !important; line-height: 1.1em !important; margin: 0px !important; outline: 0px !important; overflow: visible !important; padding: 0px 1em !important; position: static !important; right: auto !important; top: auto !important; vertical-align: baseline !important; white-space: pre !important; width: auto !important;"> <code class="plain plain" style="-webkit-box-shadow: none !important; background-image: none !important; border-bottom-left-radius: 0px !important; border-bottom-right-radius: 0px !important; border-top-left-radius: 0px !important; border-top-right-radius: 0px !important; border: 0px !important; bottom: auto !important; box-shadow: none !important; box-sizing: content-box !important; color: black !important; direction: ltr !important; display: inline !important; float: none !important; font-family: Consolas, 'Bitstream Vera Sans Mono', 'Courier New', Courier, monospace !important; font-size: 1em !important; height: auto !important; left: auto !important; line-height: 1.1em !important; margin: 0px !important; outline: 0px !important; overflow: visible !important; padding: 0px !important; position: static !important; right: auto !important; top: auto !important; vertical-align: baseline !important; width: auto !important;">total 12</code></div> <div class="line number3 index2 alt2" style="-webkit-box-shadow: none !important; background-image: none !important; border-bottom-left-radius: 0px !important; border-bottom-right-radius: 0px !important; border-top-left-radius: 0px !important; border-top-right-radius: 0px !important; border: 0px !important; bottom: auto !important; box-shadow: none !important; box-sizing: content-box !important; direction: ltr !important; float: none !important; font-size: 1em !important; height: auto !important; left: auto !important; line-height: 1.1em !important; margin: 0px !important; outline: 0px !important; overflow: visible !important; padding: 0px 1em !important; position: static !important; right: auto !important; top: auto !important; vertical-align: baseline !important; white-space: pre !important; width: auto !important;"> <code class="plain plain" style="-webkit-box-shadow: none !important; background-image: none !important; border-bottom-left-radius: 0px !important; border-bottom-right-radius: 0px !important; border-top-left-radius: 0px !important; border-top-right-radius: 0px !important; border: 0px !important; bottom: auto !important; box-shadow: none !important; box-sizing: content-box !important; color: black !important; direction: ltr !important; display: inline !important; float: none !important; font-family: Consolas, 'Bitstream Vera Sans Mono', 'Courier New', Courier, monospace !important; font-size: 1em !important; height: auto !important; left: auto !important; line-height: 1.1em !important; margin: 0px !important; outline: 0px !important; overflow: visible !important; padding: 0px !important; position: static !important; right: auto !important; top: auto !important; vertical-align: baseline !important; width: auto !important;">drwxrwxr-x 2 root root 4096 2012-05-30 18:24 .</code></div> <div class="line number4 index3 alt1" style="-webkit-box-shadow: none !important; background-image: none !important; border-bottom-left-radius: 0px !important; border-bottom-right-radius: 0px !important; border-top-left-radius: 0px !important; border-top-right-radius: 0px !important; border: 0px !important; bottom: auto !important; box-shadow: none !important; box-sizing: content-box !important; direction: ltr !important; float: none !important; font-size: 1em !important; height: auto !important; left: auto !important; line-height: 1.1em !important; margin: 0px !important; outline: 0px !important; overflow: visible !important; padding: 0px 1em !important; position: static !important; right: auto !important; top: auto !important; vertical-align: baseline !important; white-space: pre !important; width: auto !important;"> <code class="plain plain" style="-webkit-box-shadow: none !important; background-image: none !important; border-bottom-left-radius: 0px !important; border-bottom-right-radius: 0px !important; border-top-left-radius: 0px !important; border-top-right-radius: 0px !important; border: 0px !important; bottom: auto !important; box-shadow: none !important; box-sizing: content-box !important; color: black !important; direction: ltr !important; display: inline !important; float: none !important; font-family: Consolas, 'Bitstream Vera Sans Mono', 'Courier New', Courier, monospace !important; font-size: 1em !important; height: auto !important; left: auto !important; line-height: 1.1em !important; margin: 0px !important; outline: 0px !important; overflow: visible !important; padding: 0px !important; position: static !important; right: auto !important; top: auto !important; vertical-align: baseline !important; width: auto !important;">drwxrwxr-x 3 root root 4096 2012-05-30 18:20 ..</code></div> <div class="line number5 index4 alt2" style="-webkit-box-shadow: none !important; background-image: none !important; border-bottom-left-radius: 0px !important; border-bottom-right-radius: 0px !important; border-top-left-radius: 0px !important; border-top-right-radius: 0px !important; border: 0px !important; bottom: auto !important; box-shadow: none !important; box-sizing: content-box !important; direction: ltr !important; float: none !important; font-size: 1em !important; height: auto !important; left: auto !important; line-height: 1.1em !important; margin: 0px !important; outline: 0px !important; overflow: visible !important; padding: 0px 1em !important; position: static !important; right: auto !important; top: auto !important; vertical-align: baseline !important; white-space: pre !important; width: auto !important;"> <code class="plain plain" style="-webkit-box-shadow: none !important; background-image: none !important; border-bottom-left-radius: 0px !important; border-bottom-right-radius: 0px !important; border-top-left-radius: 0px !important; border-top-right-radius: 0px !important; border: 0px !important; bottom: auto !important; box-shadow: none !important; box-sizing: content-box !important; color: black !important; direction: ltr !important; display: inline !important; float: none !important; font-family: Consolas, 'Bitstream Vera Sans Mono', 'Courier New', Courier, monospace !important; font-size: 1em !important; height: auto !important; left: auto !important; line-height: 1.1em !important; margin: 0px !important; outline: 0px !important; overflow: visible !important; padding: 0px !important; position: static !important; right: auto !important; top: auto !important; vertical-align: baseline !important; width: auto !important;">-rw-r--r-- 1 root root   45 2012-05-30 18:24 key.txt</code></div> </div> </td></tr> </tbody></table> </div> </div> <div style="background-color: white; border: 0px; color: #666666; font-family: Bitter, sans-serif; font-size: 14px; line-height: 28px; margin-bottom: 1.5em; outline: 0px; padding: 0px; vertical-align: baseline;"> And finally:</div> <div style="background-color: white; border: 0px; color: #666666; font-family: Bitter, sans-serif; font-size: 14px; line-height: 28px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;"> <div class="syntaxhighlighter plain" id="highlighter_12676" style="border: 0px; font-family: inherit; font-size: 1em !important; font-style: inherit; font-weight: inherit; margin: 1em 0px !important; outline: 0px; overflow-x: auto !important; overflow-y: hidden !important; padding: 0px; position: relative !important; vertical-align: baseline; width: 800px;"> <table border="0" cellpadding="0" cellspacing="0" style="-webkit-box-shadow: none !important; background-image: none !important; border-bottom-left-radius: 0px !important; border-bottom-right-radius: 0px !important; border-spacing: 0px; border-top-left-radius: 0px !important; border-top-right-radius: 0px !important; border: 0px !important; bottom: auto !important; box-shadow: none !important; box-sizing: content-box !important; color: #777777; direction: ltr !important; float: none !important; font-family: Consolas, 'Bitstream Vera Sans Mono', 'Courier New', Courier, monospace !important; font-size: 1em !important; height: auto !important; left: auto !important; line-height: 1.1em !important; margin: 0px !important; outline: 0px !important; overflow: visible !important; padding: 0px !important; position: static !important; right: auto !important; top: auto !important; vertical-align: baseline !important; width: 800px;"><tbody style="-webkit-box-shadow: none !important; background-image: none !important; border-bottom-left-radius: 0px !important; border-bottom-right-radius: 0px !important; border-top-left-radius: 0px !important; border-top-right-radius: 0px !important; border: 0px !important; bottom: auto !important; box-shadow: none !important; box-sizing: content-box !important; direction: ltr !important; float: none !important; font-size: 1em !important; height: auto !important; left: auto !important; line-height: 1.1em !important; margin: 0px !important; outline: 0px !important; overflow: visible !important; padding: 0px !important; position: static !important; right: auto !important; top: auto !important; vertical-align: baseline !important; width: auto !important;"> <tr style="-webkit-box-shadow: none !important; background-image: none !important; border-bottom-left-radius: 0px !important; border-bottom-right-radius: 0px !important; border-top-left-radius: 0px !important; border-top-right-radius: 0px !important; border: 0px !important; bottom: auto !important; box-shadow: none !important; box-sizing: content-box !important; direction: ltr !important; float: none !important; font-size: 1em !important; height: auto !important; left: auto !important; line-height: 1.1em !important; margin: 0px !important; outline: 0px !important; overflow: visible !important; padding: 0px !important; position: static !important; right: auto !important; top: auto !important; vertical-align: baseline !important; width: auto !important;"><td class="gutter" style="-webkit-box-shadow: none !important; background-image: none !important; border-bottom-left-radius: 0px !important; border-bottom-right-radius: 0px !important; border-top-left-radius: 0px !important; border-top-right-radius: 0px !important; border: 0px !important; bottom: auto !important; box-shadow: none !important; box-sizing: content-box !important; color: rgb(175, 175, 175) !important; direction: ltr !important; float: none !important; font-size: 1em !important; height: auto !important; left: auto !important; line-height: 1.1em !important; margin: 0px !important; outline: 0px !important; overflow: visible !important; padding: 0px !important; position: static !important; right: auto !important; top: auto !important; vertical-align: baseline !important; width: auto !important;"><div class="line number1 index0 alt2" style="-webkit-box-shadow: none !important; background-image: none !important; border-bottom-left-radius: 0px !important; border-bottom-right-radius: 0px !important; border-right-color: rgb(108, 226, 108) !important; border-right-style: solid !important; border-top-left-radius: 0px !important; border-top-right-radius: 0px !important; border-width: 0px 3px 0px 0px !important; bottom: auto !important; box-shadow: none !important; box-sizing: content-box !important; direction: ltr !important; float: none !important; font-size: 1em !important; height: auto !important; left: auto !important; line-height: 1.1em !important; margin: 0px !important; outline: 0px !important; overflow: visible !important; padding: 0px 0.5em 0px 1em !important; position: static !important; right: auto !important; text-align: right !important; top: auto !important; vertical-align: baseline !important; white-space: pre !important; width: auto !important;"> 1</div> <div class="line number2 index1 alt1" style="-webkit-box-shadow: none !important; background-image: none !important; border-bottom-left-radius: 0px !important; border-bottom-right-radius: 0px !important; border-right-color: rgb(108, 226, 108) !important; border-right-style: solid !important; border-top-left-radius: 0px !important; border-top-right-radius: 0px !important; border-width: 0px 3px 0px 0px !important; bottom: auto !important; box-shadow: none !important; box-sizing: content-box !important; direction: ltr !important; float: none !important; font-size: 1em !important; height: auto !important; left: auto !important; line-height: 1.1em !important; margin: 0px !important; outline: 0px !important; overflow: visible !important; padding: 0px 0.5em 0px 1em !important; position: static !important; right: auto !important; text-align: right !important; top: auto !important; vertical-align: baseline !important; white-space: pre !important; width: auto !important;"> 2</div> </td><td class="code" style="-webkit-box-shadow: none !important; background-image: none !important; border-bottom-left-radius: 0px !important; border-bottom-right-radius: 0px !important; border-top-left-radius: 0px !important; border-top-right-radius: 0px !important; border: 0px !important; bottom: auto !important; box-shadow: none !important; box-sizing: content-box !important; direction: ltr !important; float: none !important; font-size: 1em !important; height: auto !important; left: auto !important; line-height: 1.1em !important; margin: 0px !important; outline: 0px !important; overflow: visible !important; padding: 0px !important; position: static !important; right: auto !important; top: auto !important; vertical-align: baseline !important; width: 768px;"><div class="container" style="-webkit-box-shadow: none !important; background-image: none !important; border-bottom-left-radius: 0px !important; border-bottom-right-radius: 0px !important; border-top-left-radius: 0px !important; border-top-right-radius: 0px !important; border: 0px !important; bottom: auto !important; box-shadow: none !important; box-sizing: content-box !important; direction: ltr !important; float: none !important; font-size: 1em !important; height: auto !important; left: auto !important; line-height: 1.1em !important; margin: 0px !important; outline: 0px !important; overflow: visible !important; padding: 0px !important; position: relative !important; right: auto !important; top: auto !important; vertical-align: baseline !important; width: auto !important;"> <div class="line number1 index0 alt2" style="-webkit-box-shadow: none !important; background-image: none !important; border-bottom-left-radius: 0px !important; border-bottom-right-radius: 0px !important; border-top-left-radius: 0px !important; border-top-right-radius: 0px !important; border: 0px !important; bottom: auto !important; box-shadow: none !important; box-sizing: content-box !important; direction: ltr !important; float: none !important; font-size: 1em !important; height: auto !important; left: auto !important; line-height: 1.1em !important; margin: 0px !important; outline: 0px !important; overflow: visible !important; padding: 0px 1em !important; position: static !important; right: auto !important; top: auto !important; vertical-align: baseline !important; white-space: pre !important; width: auto !important;"> <code class="plain plain" style="-webkit-box-shadow: none !important; background-image: none !important; border-bottom-left-radius: 0px !important; border-bottom-right-radius: 0px !important; border-top-left-radius: 0px !important; border-top-right-radius: 0px !important; border: 0px !important; bottom: auto !important; box-shadow: none !important; box-sizing: content-box !important; color: black !important; direction: ltr !important; display: inline !important; float: none !important; font-family: Consolas, 'Bitstream Vera Sans Mono', 'Courier New', Courier, monospace !important; font-size: 1em !important; height: auto !important; left: auto !important; line-height: 1.1em !important; margin: 0px !important; outline: 0px !important; overflow: visible !important; padding: 0px !important; position: static !important; right: auto !important; top: auto !important; vertical-align: baseline !important; width: auto !important;">francisco@sherminator:~/Desktop/fmk/rootfs/home/dlink$ cat key.txt</code></div> <div class="line number2 index1 alt1" style="-webkit-box-shadow: none !important; background-image: none !important; border-bottom-left-radius: 0px !important; border-bottom-right-radius: 0px !important; border-top-left-radius: 0px !important; border-top-right-radius: 0px !important; border: 0px !important; bottom: auto !important; box-shadow: none !important; box-sizing: content-box !important; direction: ltr !important; float: none !important; font-size: 1em !important; height: auto !important; left: auto !important; line-height: 1.1em !important; margin: 0px !important; outline: 0px !important; overflow: visible !important; padding: 0px 1em !important; position: static !important; right: auto !important; top: auto !important; vertical-align: baseline !important; white-space: pre !important; width: auto !important;"> <code class="plain plain" style="-webkit-box-shadow: none !important; background-image: none !important; border-bottom-left-radius: 0px !important; border-bottom-right-radius: 0px !important; border-top-left-radius: 0px !important; border-top-right-radius: 0px !important; border: 0px !important; bottom: auto !important; box-shadow: none !important; box-sizing: content-box !important; color: black !important; direction: ltr !important; display: inline !important; float: none !important; font-family: Consolas, 'Bitstream Vera Sans Mono', 'Courier New', Courier, monospace !important; font-size: 1em !important; height: auto !important; left: auto !important; line-height: 1.1em !important; margin: 0px !important; outline: 0px !important; overflow: visible !important; padding: 0px !important; position: static !important; right: auto !important; top: auto !important; vertical-align: baseline !important; width: auto !important;">ewe know, the sh33p always preferred Linksys</code></div> </div> </td></tr> </tbody></table> </div> </div> <div style="background-color: white; border: 0px; color: #666666; font-family: Bitter, sans-serif; font-size: 14px; line-height: 28px; margin-bottom: 1.5em; outline: 0px; padding: 0px; vertical-align: baseline;"> So the key for this challenge was:  <strong style="border: 0px; font-family: inherit; font-style: inherit; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">ewe know, the sh33p always preferred Linksys</strong></div>

DEFCON 20 CTF PREQUALS 2012 – FORENSICS 300 WRITEUP

Let’s start with the  Forensics 300  writeup. The description of the challenge was just “ Please get my key back! “, and we were provided...

Read more »