Exec dmesg - Writeup by Maxima


Please find the secret message from the iso linux image.



We find in the archive a file core-current.iso which is a bootable CD-ROM image. We then run it using Virtualbox or qemu:

$ qemu-system-x86_64 -cdrom core-current.iso -boot d

We quickly get a shell. The first step is to gain root access:

tc@box:~$ sudo su

We now try to exec dmesg (the title is probably a hint!):

# dmesg
dmesg: applet not found

This is weird, we look into /bin:

# ls -l /bin/dmesg
lrwxrwxrwx    1 root root   7 Nov   1 02:50 /bin/dmesg -> busybox

It looks like all binaries are symbolic links to busybox and dmesg is not compiled. After a few searches on Google, we finally learn that dmesg just reads /proc/kmsg, so we try:

# cat /proc/kmsg | grep SECCON

And here is the flag!


Maxime Arthaud 2015/12/07 10:23