Uiuctf 2021

tablet 1

Solved by : thewhiteh4t

  • we are given an iPad image in this challenge
  • goal was to find a server where the data was exfiltrated
  • so a guess was that I will find a server and flag will be present on it
  • following this theory I looked for the string because thats the domain being used in all remote based challenges

    grep -rni “” .

  • this is a Sqlite3 database file
  • I found SSH private key and other login info required for login

  • SSH login ssh -i id_rsa -p 42069

  • the private key is encrypted and the password is actually : ****

  • but on login I got a message that service allows only SFTP connections, so I tried logging in with SFTP

  • unlike most ctf challenges flag was not available after login so I downloaded .bash_history using get command

  • and in this location I found a JPG image…

Published on : 12 Aug 2021