wilkening-mark / NortheasternCTF2016

MITRE CTF Challenge for credit at Northeastern Spring 2016
Apache License 2.0

Target 2 progress #13

Open ghost opened 8 years ago

ghost commented 8 years ago

Basically we're trying to make a copy of the image from target 2 so we can read the contents to try to bypass SSL. We were hoping to be able to do a simple replay attack but we think that the use of SSL has prevented that since we can't connect without a certificate (otherwise we could just send the captured packets and it should unlock). See ServerConnection.py for details.

wilkening-mark commented 8 years ago

http://unix.stackexchange.com/questions/9099/reading-a-filesystem-from-a-whole-disk-image
https://discussions.apple.com/thread/1550154?tstart=0
https://www.virtualbox.org/manual/ch08.html#vboxmanage-clonevdi
http://ubuntuhak.blogspot.com/2012/10/how-to-create-format-and-mount-img-files.html
http://www.cyberciti.biz/faq/linux-how-to-determine-find-out-file-system-type/
http://osxdaily.com/2014/03/20/mount-ext-linux-file-system-mac/

wilkening-mark commented 8 years ago

sudo mount -o loop,rw,sync -t ext4 /Users/mwilkening/Desktop/target/bbb.img /Users/mwilkening/Documents/spring2016/ctftemp/imagemount

wilkening-mark commented 8 years ago

So this doesn't work right now on my Mac because OS X doesn't natively support other filesystem types (ext4). I am downloading osxfuse, which should fix this, but we could also just try this on a Linux box. Basically if we can just mount the image and browse the filesystem we should be able to get the keys, I hope. Unfortunately they use SSL, so without the keys we cannot establish a network connection to do replay attacks, which we thought would be the easy money (the 1 thing they did :( )
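Added example, not part of the original thread or the repository: a whole-disk image often carries a partition table, in which case a plain `mount -o loop` of the file finds no filesystem at offset 0. The sketch below reads the MBR, checks each partition for the ext2/3/4 superblock magic, and builds read-only loop options so the working copy of the image is not modified. It assumes an MBR (not GPT) layout with 512-byte sectors; the sample image and all function names are constructed for illustration.

```python
import io
import struct

SECTOR = 512
EXT_MAGIC_AT = 1024 + 56      # superblock starts at byte 1024; s_magic is 56 bytes in
EXT_MAGIC = b"\x53\xef"       # 0xEF53 little-endian, shared by ext2/ext3/ext4


def mbr_partitions(img):
    """Yield (number, start_byte, size_bytes) for each used MBR slot."""
    img.seek(0)
    sector0 = img.read(SECTOR)
    if len(sector0) < SECTOR or sector0[510:512] != b"\x55\xaa":
        return                # no MBR signature: probably a bare filesystem image
    for i in range(4):
        entry = sector0[446 + 16 * i:462 + 16 * i]
        lba_start, sectors = struct.unpack_from("<II", entry, 8)
        if entry[4] != 0 and sectors:   # byte 4 is the partition type; 0 = unused
            yield i + 1, lba_start * SECTOR, sectors * SECTOR


def has_ext_superblock(img, start):
    """True if an ext2/3/4 superblock magic sits at the expected offset."""
    img.seek(start + EXT_MAGIC_AT)
    return img.read(2) == EXT_MAGIC


def loop_mount_options(img):
    """Return read-only mount(8) option strings for every ext filesystem found."""
    parts = list(mbr_partitions(img))
    if not parts and has_ext_superblock(img, 0):
        return ["ro,loop"]    # the whole file is one filesystem
    return [f"ro,loop,offset={start},sizelimit={size}"
            for _, start, size in parts if has_ext_superblock(img, start)]


def build_sample_image():
    """Constructed test data: FAT-typed partition at LBA 4, Linux partition at LBA 8."""
    data = bytearray(16 * SECTOR)
    data[446:462] = struct.pack("<B3sB3sII", 0x80, b"\0" * 3, 0x0C, b"\0" * 3, 4, 4)
    data[462:478] = struct.pack("<B3sB3sII", 0, b"\0" * 3, 0x83, b"\0" * 3, 8, 8)
    data[510:512] = b"\x55\xaa"
    off = 8 * SECTOR + EXT_MAGIC_AT
    data[off:off + 2] = EXT_MAGIC       # mark partition 2 as holding an ext filesystem
    return io.BytesIO(bytes(data))


if __name__ == "__main__":
    for opts in loop_mount_options(build_sample_image()):
        print("mount options:", opts)
```

On a real image, open the file with `open(path, "rb")` and pass the resulting options to `mount -o` on a Linux host.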

vsuha commented 8 years ago

We don't need to do this because now we can SSH in. The password is the default password: tmppwd