Description
As you pass through customs, the customs officer asks you to hand over your phone and its unlock code. The phone is returned to you a few hours later…
Suspicious, you send your phone to ANSSI’s CERT-FR for analysis. CERT-FR analysts carry out a collection on the phone, consisting of a sysdiagnose and a backup.
To conclude your analysis, find the initial infection vector.
You’ll need to identify :
- the vulnerability used (CVE number);
- the initial infection date (in UTC time, without seconds).
The flag is in the format FCSC{<CVE number>|<infection date>}. For example, if the vulnerability used is CVE-2025-00001 and the infection (UTC) date is 2025-01-01 01:00: FCSC{CVE-2025-00001|2025-01-01 01:00}.
This challenge is part of a serie. The challenges are independent, except iBackdoor 2/2 whitch depends on iBackdoor 1/2:
Files
-
backup.tar.xz
31.36 MiB – f7e00e4979573e09f582bebb2a64d5daa0ad6151ca7f6971beabbfaa81b400ce -
sysdiagnose_and_crashes.tar.xz
199.10 MiB – 9a7cc0ee4032bc74d2c162562691594fa772f4f57090b7cc72b6efa0e88582cc
Author
Flag
Submit your solution
You can submit your writeup for this challenge. Read the FAQ to learn how to proceed.
You need to be logged in to submit a writeup.
Writeups
There are no public solutions for this challenge yet, but you can submit yours after getting the flag.