CTF | wargame

DFChallenge 2021 / 301 - What is the secret information

nopdata 2021. 5. 23. 23:50

Description

You are an investigator. You had received intelligence that international drug dealer A was scheduled to enter Korea and meet with someone and secret information related to the meeting is stored on A’s smartphone. The A was arrested at Incheon International Airport and A’s smartphone was confiscated. After then, you dumped the NAND flash memory and collected /data partition image. As a result of interrogation of A, you identified that A purchased the smartphone in March 2014 and that secret information was encrypted with a security app. You also found out that the security app is using the screen lock number as the passcode.

 

solution

문제는 압수한 안드로이드 스마트폰의 패턴 정보를 알아내는 것이다.
data.img 파일 하나가 주어진다. NAND Flash 메모리를 덤프 데이터이므로 FTK Imager로 확인을 한다.

 

패턴 크랙 기술은 이미 오래 전에 공개되어 있다. /system/gesture.key에 패턴 정보가 저장되어 있으며, 공개된 오픈소스를 이용하여 풀어준다. (https://github.com/MGF15/P-Decode)

 

 

 

Flag: 741258