CTFtime.org / CSAW CTF Qualification Round 2018 / simple

# CSAW CTF 2018: simple_recovery
![date](https://img.shields.io/badge/date-16.09.2018-brightgreen.svg)
![solved in time of CTF](https://img.shields.io/badge/solved-in%20time%20of%20CTF-brightgreen.svg)
![forensics category](https://img.shields.io/badge/category-forensics-lightgrey.svg)
![score](https://img.shields.io/badge/score-150-blue.svg)
![solves](https://img.shields.io/badge/solves-306-brightgreen.svg)

## Description
Simple Recovery. Try to recover the data from these RAID 5 images!

## Attached files
- [disk.img1.7z](/disk.img1.7z)
- [disk.img2.7z](/disk.img2.7z)

## Summary
`strings` and `grep` under the recovered RAID 5 disk

## Flag
```
flag{dis_week_evry_week_dnt_be_securty_weak}
```

## Detailed solution
We use a *C* program from *Github*, called *[xor-files.c](https://github.com/scangeo/xor-files/blob/master/source/xor-files.c)*, to XOR the given disks.
With a *Python* script, used in *deadnas* challenge [write-up](https://codisec.com/tw-mma-2-2016-deadnas/) from *Tokyo Westerns MMA CTF 2nd 2016*, considering the parity byes, we get a new recovered disk. Using `strings` over that, in combination with `grep “flag”`, we get the flag in plaintext.

Original writeup (https://github.com/iosifache/CTF-writeups/blob/master/forensics/simple_recovery/writeup.md).

simple_recovery

Comments

Sign in with