Alternative Write-Up for Hide-And-Seek

  1. vboximg-mount -i hide-and-seek/hide-and-seek\ Clone.vdi /tmp/mnt

     ls -lh /tmp/mnt
     -rw-r--r--  1 4294967295  nogroup    10G Sep 15 22:50 vhdd
     -rw-rw-rw-  1 root        wheel     512M Jan  1  1970 vol0
     -rw-rw-rw-  1 root        wheel     9.5G Jan  1  1970 vol1

  2. testdisk ./vhdd

  3. Proceed > Advanced > Linux > List

  4. Navigate to /opt/malware

  5. Retrieve mother.cpython-38.pyc

  6. Decompile this Python bytecode with uncompyle6

  7. Find the exec statement that makes the flag, run it and print it yourself.

  8. ???

  9. Profit!!!
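Before decompiling a recovered .pyc and hunting for its exec call, the file can be triaged statically. The script below is an added example, not part of the original write-up: it parses the .pyc header, unmarshals the code object without running it, and lists every load of exec, eval or compile along with the string constants. The function names are hypothetical and the sample file is constructed in memory; it is not the challenge's mother.cpython-38.pyc.

```python
import base64
import dis
import importlib.util
import marshal
import struct
import types

def parse_pyc(data):
    """Return (flags, code object) from a CPython 3.7+ .pyc without running it."""
    if len(data) < 16:
        raise ValueError("shorter than the 16-byte .pyc header")
    if data[:4] != importlib.util.MAGIC_NUMBER:
        # marshal is version-specific: a cpython-38 file needs a 3.8 interpreter
        raise ValueError("magic %s is from another Python version" % data[:4].hex())
    flags = struct.unpack("<I", data[4:8])[0]
    code = marshal.loads(data[16:])  # deserializes only, nothing is executed
    if not isinstance(code, types.CodeType):
        raise ValueError("payload is not a code object")
    return flags, code

def walk(code):
    """Yield a code object and every code object nested in its constants."""
    yield code
    for const in code.co_consts:
        if isinstance(const, types.CodeType):
            yield from walk(const)

def find_dynamic_exec(code, names=("exec", "eval", "compile")):
    """List (scope, offset, name) for loads of exec-like builtins, plus string constants."""
    hits, strings = [], []
    for co in walk(code):
        strings += [c for c in co.co_consts if isinstance(c, str)]
        for ins in dis.get_instructions(co):
            if ins.opname in ("LOAD_NAME", "LOAD_GLOBAL") and ins.argval in names:
                hits.append((co.co_name, ins.offset, ins.argval))
    return hits, strings

def make_sample_pyc():
    """Constructed stand-in for a recovered file, not the challenge's own .pyc."""
    blob = base64.b64encode(b'flag = "EXAMPLE{constructed}"').decode()
    src = f"import base64\ndef build():\n    exec(base64.b64decode({blob!r}))\n"
    header = importlib.util.MAGIC_NUMBER + struct.pack("<III", 0, 0, len(src))
    return header + marshal.dumps(compile(src, "sample.py", "exec")), blob

if __name__ == "__main__":
    data, _ = make_sample_pyc()
    flags, code = parse_pyc(data)
    hits, strings = find_dynamic_exec(code)
    print(hits, strings)
```

The marshal module is not hardened against malformed input, so run this on files pulled from an untrusted image inside a disposable VM.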

Credit

h4sh#5081 from UQ Cyber

The moral of the story

Not even rm can hide your mistakes.