FCSC 2021 - Intro - Rituel en Chaine

May 3, 2021 One-minute read

fcsc • intro • forensics

Table of contents :

This step is a ritual in learning digital investigation. Find the flag in the attached file using the resources available.

disque.img (480M) : https://files.france-cybersecurity-challenge.fr/dl/rituel_en_chaine/disque.img.7z

sha256(disque.img) = c2320040e9404ae398ae28c33e9ea66598282a900c446914275b3247748e1250.

Files :

disque.img

Solving the challenge

Here we have a disk image, ready for forensics analysis. Of course we could do a deep analysis of the disk, but it is useful to start by using the strings function, it can provide a lot of useful information.

Here, a simple strings -a disque.img | grep FCSC finds the flag in seconds:

$ strings -a disque.img | grep FCSC
FCSC{6b8aa82937ec0ff5a3eaffa74b3b2de2e83c6a94eef6d96b59b50f65e8e35fa9}