What's up everybody? This is John Hammond, showcasing some more of the Google Capture the Flag CTF. Again, another shout-out to LiveOverflow. He is an awesome YouTuber that I played this game with. He looked at some of the legitimate challenges, while I stuck with the baby stuff at the Beginners Quest. But if you haven't seen his stuff before, totally check him out on YouTube, totally subscribe. He has incredible content.

So let's get to the real stuff that I want to talk about today: the Beginners Quest of the Capture the Flag competition. Let's move into the second challenge, in the miscellaneous category, and this is called Floppy. It says: using the credentials from the letter, you log into the Foobanizer 9000 PC. It has a floppy drive. Why? There's an icon file on the disk, but it doesn't smell right. Hmm.

Let's go ahead and download this attachment. Save this into GCTF, where we're working out of; the directory we can call floppy. And let's open up a terminal and see what we've got to work with. cd to GCTF floppy. Totally can't type. file this: what are we actually looking at here? Another zip archive? Okay. So let's move that to floppy.zip, and now we can unzip that pretty easy. Good.

Let's see what we've got here. We've got an icon file, foo.ico. What is that really? MS Windows icon resource, one icon, 32 by 32. Can we view it? Okay, looks like Borland. Little beetle thing there. Let's see what's really in it. Nonsense, nonsense, nonsense... ooh, driver.txt, www.com. Huh, okay. exiftool, anything good on that foo.ico? Nothing. But since we saw those file names in there, maybe there are files hidden inside of this. Let's run binwalk -e to extract it. If you don't have binwalk, you can probably sudo apt install that. And it did create a new directory for us. It was able to extract some stuff. Let's move into there, and we see that driver.txt and www.com. What do we got here? ASCII text, ASCII text with CRLF, whatever, whatever.
I don't know what this may be. Let's start with that 2FD. Okay, it looks like just a zip archive of these things. Whatever, we can ignore those. I didn't extract those. Let's see what we have for driver.txt. Oh. This is the driver for the aluminum keyhugger password store device, and it's totally the flag. Okay, whatever, sweet. Let's call that good, submit that flag and be done with it. Not too bad at all.

Let's note this as flag.txt, because that's good practice, and just for kicks and giggles, let's go ahead and create a get_flag script for this, from downloading it to actually getting the flag, just because I think that's good to do. get_flag.sh. Again, shebang line. Let's curl this, get the link. We can save it as floppy.zip, to /dev/null so we don't see that output. Totally fine to save that. Let's run get_flag and do it. Okay. No output on that. Cool.

Let's unzip the floppy.zip, and we know we can use -o to overwrite, and we can actually use -qq to remove the output for us, so we don't have to do that trick to /dev/null and forward any of the standard streams. Let's go back to editing it. What we can do is we can run that binwalk -e on foo.ico as it extracts. And I think we can use -q on that too, right? Is there a -q? -q, lowercase q, quiet, suppress output to stdout. Perfect. And now we would have that _foo.ico.extracted. So let's cat everything that's underscored and cat out driver.txt. Holy cow, I cannot type. Run it. Okay, that prints out the flag for us, and we're getting extra foo.ico extractions, like extra folders, because binwalk is doing that for us. So what we can do in our get_flag script is actually remove anything that starts with that underscore. Thankfully binwalk has that for us in a smart way, just using that underscore to denote this is the output of binwalk. And now they're all gone.
So once we run the get_flag script, it'll do that cleanly for us. So we can cat that out, grep for the CTF line, and that has a couple indents in the way, so we can do a nice trick to remove all that white space by doing a while read line, echo that line. So the white space goes away and we have just the flag output, from download to flag retrieval. Cool. Now let's move floppy to floppy complete, and we are done with that.

Thank you guys for watching. Hope you enjoyed this. Hope you're enjoying some of these videos. Again, nothing too crazy, some of the Beginners Quest stuff, but hopefully there's some interesting content that you guys like, some syntax or techniques you'd like to see. Reminder and shout-out: check out LiveOverflow. He has incredible content, and I hope you are enjoying some stuff from him and some stuff from me. If you did like the video, please do press that like button. If you'd like to see more or have some opinion that you'd like to share with me, totally leave a comment, and if you're willing to subscribe, that would be awesome. And if you... thanks for watching, guys. See you in a later video.
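
Added example (not part of the video): a Python sketch of what binwalk -e did for foo.ico in the walkthrough, locating the ZIP local-file-header signature inside the icon, reading the archive members from there, and stripping the indentation from the CTF line. The sample icon bytes and the flag value are constructed placeholders, and the function names are hypothetical.

```python
import io
import struct
import zipfile

ZIP_LOCAL_MAGIC = b"PK\x03\x04"  # ZIP local file header signature


def build_sample_icon() -> bytes:
    """Constructed sample: minimal ICO header, filler, then an appended ZIP."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        # Placeholder flag, indented like the line grepped in the video.
        zf.writestr("driver.txt", "   CTF{constructed_placeholder}\n")
        zf.writestr("www.com", "constructed filler\r\n")
    ico_header = struct.pack("<HHH", 0, 1, 1)  # reserved, type 1 (icon), count 1
    return ico_header + b"\x00" * 64 + buf.getvalue()


def carve_zip_members(blob: bytes) -> dict:
    """Try each signature offset; return the members of the first valid ZIP."""
    pos = blob.find(ZIP_LOCAL_MAGIC)
    while pos != -1:
        try:
            with zipfile.ZipFile(io.BytesIO(blob[pos:])) as zf:
                return {name: zf.read(name) for name in zf.namelist()}
        except zipfile.BadZipFile:
            # Signature bytes that are not a real archive: keep scanning.
            pos = blob.find(ZIP_LOCAL_MAGIC, pos + 1)
    return {}


def find_flag(members: dict):
    """Return (member name, flag line without surrounding whitespace) or None."""
    for name, data in members.items():
        for line in data.decode("latin-1").splitlines():
            if "CTF{" in line:
                return name, line.strip()
    return None


if __name__ == "__main__":
    carved = carve_zip_members(build_sample_icon())
    print(sorted(carved), find_flag(carved))
```
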