Tags: sqlite warmups 


# Blobber


The file we get is a SQLite database file:


Opening it in the DB Browser, we notice a lot of entries with random looking names.


It was all garbage. I spend some time trying to find the needle in the haystack but then I remembered it's a SQL database so we can simply use queries. All the `name` columns contained junk, and all the `data` columns were empty. But that is something we can double check using the SQL query below to list everything that doesn't have a NULL data column entry:

select * from blobber where data != 'NULL';
It turns out we have a blob in one of the entries:


Good thing I learned to leave assumptions at the door when doing CTFs. Now I used some short python scripting to pull out the blob and write it to a file since I didn't know exactly what it was.

import sqlite3

conn = sqlite3.connect('blobber')
cursor = conn.cursor()

cursor.execute("select data from blobber where data != 'NULL';")

result = cursor.fetchone()
blob_content = result[0]

with open('output.bin', 'wb') as file:


We can use the file command on it and find out it's a `bzip2` archive.


We can use `bzip2 -d` to decompress it:


And the resulting file is a picture:

That contains our flag:



Original writeup (https://github.com/LazyTitan33/CTF-Writeups/blob/main/Nahamcon2023/Warmups/Blobber.md).