Tags: forensics 

Rating: 0

# open-docs (150)

## Problem

Yay! I really enjoy using these free and open file standards. I love them so much, that I made a file expressing how much I like using them. Let's enjoy open standards together!

(Attachments: files/open.docx)

## Solution

A lot of things are actually zip files underneath and can be unzipped as such. docx files are one of those things.

$ unzip open.docx
Archive: open.docx
creating: docProps/
inflating: docProps/app.xml
inflating: docProps/core.xml
creating: word/
inflating: word/document2.xml
inflating: word/fontTable.xml
extracting: word/secrets.xml
inflating: word/settings.xml
inflating: word/styles.xml
creating: word/theme/
inflating: word/theme/theme1.xml
inflating: word/webSettings.xml
creating: word/_rels/
inflating: word/_rels/document2.xml.rels
inflating: [Content_Types].xml
creating: _rels/
inflating: _rels/.rels

One can't help but notice a really interesting file: `word/secrets.xml`. Let's go check it out.

$ cat word/secrets.xml


Looks like base64. Let's decode it.

$ echo "PHNlY3JldCBmbGFnPSJiY2FjdGZ7ME94TWxfMXNfNG00ejFOZ30iIC8+" | base64 -d
<secret flag="bcactf{0OxMl_1s_4m4z1Ng}" />