Nahamcon - Blobber

We have a file to download : blobber

When we check the filetype we get that it is an sqlite database file. We can use a tool such as sqlite3 to connect to the database as a file and inspect it.

When checking for the tables in the file we can see that we have only one named blobber.

When looking at the content of that table, We can see that the ids goes from 1 to ~500. And the name column only contains garbage value (or maybe I am too dumb to recognize 😥).

Only one of the data field has a value. As we can see on the schema earlier, this is BLOB type which is a binary large object. In order to retreive the content we can use that query :

sqlite> SELECT hex(data) from blobber where data != "";

Playing with the value, we can tell that this is a Bzip2 archive. (Using our dear cyberchef tool)

We can then save it and extract as a bzip2 archive. We have one file in it.

As you can tell, it is an image. when we open the image, we get the flag !