2016, CTF, Sharif

English [Sharif University CTF 2016] [Forensic 100 – Dumped!] Write Up

Leave a comment

Description

In Windows Task Manager, I right clicked a process and selected “Create dump file”. I’ll give you the dump, but in return, give me the flag!

Resolution

Looking for Sharif in the dump:

$ strings RunMe.DMP | grep 'Sharif'
00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000

SharifCTF{4d7328869acb371ede596d73ce0a9af8}
SharifCTF{4d
SharifCTF{4d7328869acb371ede596d73ce0a9af8}
SharifCTF{4d
SharifCTF{4d7328869acb371ede596d73ce0a9af8}

Flag was “4d7328869acb371ede596d73ce0a9af8“.

Leave a Reply

Your email address will not be published. Required fields are marked *