 How's it going everybody? My name is John Hammond. It's still checking out the last of CTF challenges This one I was looking at right now was a lost extensions And I have already solved this but I want to demonstrate how I solved it and put together a script It'll do it all for us. So the problem is this file got saddened through its extension Maybe you can figure out what it's supposed to be. So let's go ahead and download this extensions looks like a file And I'll just put it in the normal file the folder and everything that I put Everything in for a CTF and the last of CTF challenges. Okay, so I just created a folder for it Good open a terminal. I've already cleared everything out of what I had in there before so I can demonstrate this for you I can cat out extensions and it looks like it's a bunch of junk I'll actually look at what it is with the file command and it looks like it's a zip archive So, okay, let's go ahead and copy that to actually with an actual zip extension on it Good now I can unzip that extension zip folder and it looks like okay. We get this file. I'm lost So what is that we can run file? I'm lost and it's okay. It's just ASCII text Okay, so hopefully that's our flag right I can just go ahead and cat out. I'm lost whoa This looks like a a Bunch of numbers. I don't know what this is I'm just scrolling through it with the page shift up right shift and page up at the same time in a terminal But I still don't actually know what any of this stuff is like VN V I see F proceeding some of these I Try to Google around I looked at the hint and it told me that hey, there sure are a lot of a lot of numbers there Yeah, that that helps. It's not like I can Google file with numbers. It doesn't it doesn't doesn't help that way Yeah, file with numbers does not get me anything So I started to look at a little bit more of the preceding lines like files that start with V File VN, I thought I know I saw VN earlier. So I saw file VN. I try to Google that and This wavefront object file looks promising. So look at that in Wikipedia Try to look at a little bit more and whoa a lot of the things it was displaying were pretty similar to what I was seeing in This file here. So I looked at that Feared it was a wavefront object file. So I went ahead and took a copy of that to I'm lost to Thing dot OBJ right But this doesn't help I still need to be able to actually view this 3d graphic object I've seen this before like open GL stuff when I used to play with it I know it's a 3d model, but now I just need to be able to open 3d models in Linux So I just googled like view 3d models Linux and I actually I think I googled like Ubuntu and I found this super cool tool 3d file viewer or something Regardless, I ended up using the function. I can't really find it online, but I ended up using 3d viewer. So 3d viewer or g3d viewer, right? I think that's what yeah So I hadn't installed that earlier again. I removed it to demonstrate this for you G3d viewer I went ahead and installed it and Then I just ran the g3d viewer on that object file and I got my flag so easy, right? It just took a little bit of Figuring stuff out. So then I let's actually create a script that will do this all for us In that lost extensions Let's just look at Get flag dot sh I might should bang line up top use bin sh So now that we have our flag we initially what did we do we copied extensions? To extensions dot zip We ran unzip on extensions dot zip and then we Ran What did we run? I'm trying to get back now. Oh great. We moved the I'm lost file. What was the name of that file? Because I know it's gonna inflate that again. Oh We could just copy this copy. I'm lost to thing dot object and then we ran 3d Viewer on thing that object Cool. So now let's make that executable Try and run it and then it does everything we need to We had a little have a little action interaction there with the unzip file I wonder if there's a way to force that because it already existed force There's a dash B If I can like pipe yes into it. Okay. Yeah, I can hit yes Just like that and we should be good That displays our flag for us just like that our get flag script works. Well, cool. We're good We just got the flag and we'll go ahead to submit it Actually, what was it? I'll run my I'll run like a flexor who needs extensions with O's and Threes being replaced. Let's enter that in and we get our 50 points sweet. Thanks for watching guys I hope you enjoyed this one took a little bit of deductive reasoning or at least a little bit of research Figure out what this object file was and they're being able to display it in your bun to thanks. See you soon