Exploring Pico2026 Disko4
Let's dive into the details surrounding Pico2026 Disko4.
- Uses Sleuth Kit from SANS SIFT Workstation (you can download separately and not use a VM) to create a timeline and then view ...
- A one-byte linear feedback shift register is used to encrypt a file. We brute-force the decryption. def steplfsr(lfsr): b7 = (lfsr >> 7) & 1 ...
- SQL injection on a website.
- Get encrypted exfiltrated data from a PCAP file, then use CyberChef to XOR decode it.
- Call an etherium contract using Foundry cast and trigger an integer overflow by depositing 2^256-1.
In-Depth Information on Pico2026 Disko4
Find deleted file with fls, mactime and icat. PicoCTF Use virt-ls and virt-copy-out to extract a GIT repo from a disk image, then git log. Uses fls and mactime to create a forensic timeline. icat allows us to view the contents of the identified file.
Combine files with cat and unzip.
That wraps up our extensive overview of Pico2026 Disko4.