Petite frappe 3/3

forensics linux logs FCSC 2020 solved on

star star

Description

During an investigation involving a GNU/Linux server in France, several files unknown to the administrator have been found, including this one:

-rw-r--r-- 1 root root 55K Mar 21 02:45 /tmp/input

This specific file is suspected to be linked to a keylogger, but no binary with keylogging ability appears to have been executed on the server. Identify the format of this file, then try to decode it to find the password of flag.gpg.

This challenge has been split into three parts:

Files

  • input
    54.75 KiB – d77e7d33c43e7142f441de9b3045591f001560678c2ee430adcee2f591e252b6
  • flag.gpg
    154 B – d8960ce2a47449ff6c826002625401f964031af54719a15f41a0f2f823242813

Author

alx

Flag

Share my success on Fediverse, Twitter, Linkedin, Facebook, or via email.

Submit your solution

You can submit your writeup for this challenge. Read the FAQ to learn how to proceed.

You need to be logged in to submit a writeup.

Writeups

There are no public solutions for this challenge yet, but you can submit yours after getting the flag.