Explanation
In the Fire challenge, we are given the files key4.db and logins.json. These files combined with the name of the challenge being “Fire” is a good hint that we need to crack a firefox password database to obtain the flag.
Fortunately, there is an open source tool that decrypts Mozilla protected passwords. I started with setting up my linux machine for the challenge.
mkdir -p ~/CTF/Fire
I saved the key4.db and logins.json files to ~/CTF/Fire.
Next, I am going to change directories to the Fire directory I created.
cd ~/CTF/Fire
Next, I used git to clone the firepwd repo.
git clone https://github.com/lclevy/firepwd.git
firepwd’s readme.md states, I need to use the following command to install the program:
pip install -r requirements.txt
pip is a package manager for Python and you can pass the -r argument to specify the location of a file that provides a list of required python packages and their versions to automate the installation.
To install firepwd, I first need to change directory into firepwd.
cd firepwd
Now, I need to run the firepwd program and specify the location of the key4.db and logins.json files.
python3 ./firepwd.py -d ~/CTF/Fire
The tools provides us with the flag, BTC{key3.dbPassword}.
Solving the Challenge
- Run the command mkdir -p ~/CTF/Fire
- Browse to http://18.205.188.77/challenges.
- Click Fire.
- Click key4.db and logins.json to download the files. Save the files in ~/CTF/Fire
- Run the command cd ~/CTF/Fire
- Run the command git clone https://github.com/lclevy/firepwd.git
- Run the command cd firepwd
- Run the command pip install -r requirements.txt
- Run the command python3 ./firepwd.py -d ~/CTF/Fire
- The flag is BTC{key3.dbPassword}
- Copy the flag
- Paste the flag into the Flag field.
- Click Submit.
Instance address