Use srch_strings from the sleuthkit and some terminal-fu to find a flag in this disk image: dds1-alpine.flag.img.gz
srch_strings
dds1-alpine.flag.img.gzarrow-up-right
Extract the disk by running gunzip dds1-alpine.flag.img.gz.
gunzip dds1-alpine.flag.img.gz
Make sure autopsy is installed (sudo apt install autopsy).
autopsy
sudo apt install autopsy
Use the srch_strings command as suggested by the challenge and then search for picoCTF: srch_strings dds1-alpine.flag.img | grep picoCTF
picoCTF
srch_strings dds1-alpine.flag.img | grep picoCTF
picoCTF{f0r3ns1c4t0r_n30phyt3_a011c142}
Last updated 3 years ago
