@ -0,0 +1,34 @@ |
|||||
|
## Archenemy |
||||
|
The main idea finding the flag is using simple Steganography techniques. |
||||
|
|
||||
|
#### Step-1: |
||||
|
After I downloaded `arched.png`, I wasn't able to open it. So I tried simple strings, binwalk commands. But no results. |
||||
|
|
||||
|
#### Step-2: |
||||
|
So, I went for steghide tool this time. |
||||
|
|
||||
|
I tried `steghide extract -sf arched.png` and with a empty passphrase and it gave me this: |
||||
|
|
||||
|
``` |
||||
|
wrote extracted data to "flag.zip". |
||||
|
``` |
||||
|
#### Step-3: |
||||
|
So, now I had `flag.zip`, which had an image `meme.jpg`, but the zip was encrypted. So I had to use tool of that. |
||||
|
|
||||
|
``` |
||||
|
$ zipCracker/zipcracker.py -f flag.zip -w /usr/share/wordlists/rockyou.txt |
||||
|
3638 / 14344394 | 0.00% -> masones1lndg456ce |
||||
|
|
||||
|
Password cracked: kathmandu |
||||
|
|
||||
|
Took 2.379971 seconds to crack the password. That is, 1529 attempts per second. |
||||
|
``` |
||||
|
|
||||
|
#### Step-4: |
||||
|
Voila! We finally have `meme.jpg` which contains flag. |
||||
|
|
||||
|
<img src="meme.jpg"> |
||||
|
|
||||
|
#### Step-5: |
||||
|
Finally the flag becomes: |
||||
|
`csictf{1_h0pe_y0u_don't_s33_m3_here}` |
After Width: | Height: | Size: 519 KiB |
After Width: | Height: | Size: 27 KiB |
@ -0,0 +1,113 @@ |
|||||
|
## Gradient Sky |
||||
|
The main idea finding the flag is using simple Steganography techniques. |
||||
|
|
||||
|
#### Step-1: |
||||
|
After I downloaded `sky.jpg`, I tried simple `strings sky.jpg | grep {` |
||||
|
|
||||
|
<img src="sky.jpg"> |
||||
|
|
||||
|
``` |
||||
|
n"l`{ |
||||
|
X#,{c# |
||||
|
<{{!g6 |
||||
|
{}qv |
||||
|
R{Guv |
||||
|
9Cs{c= |
||||
|
f{_( |
||||
|
2;{PG< |
||||
|
oH{iy$ |
||||
|
0{Tn |
||||
|
q{dv |
||||
|
{=Zw |
||||
|
=||^{r |
||||
|
75ub{ |
||||
|
|AcV{ |
||||
|
;?{O |
||||
|
`58{ |
||||
|
M{>ww |
||||
|
ET{vz |
||||
|
{tL=[' |
||||
|
r{;M |
||||
|
{z_| |
||||
|
Ezv{M |
||||
|
ef^{ |
||||
|
{NxTy |
||||
|
'{w'=\W |
||||
|
;\&\{ |
||||
|
yv{O |
||||
|
nyui{ |
||||
|
{.,} |
||||
|
.{M. |
||||
|
h)+{8 |
||||
|
={,^ |
||||
|
L,QaQDX{ |
||||
|
X{{V |
||||
|
fty{/ |
||||
|
xr{4< |
||||
|
]{>{ |
||||
|
x8]{ |
||||
|
c&A{ |
||||
|
={-^/ |
||||
|
-iQuG-S{ |
||||
|
6{)s |
||||
|
7{oi |
||||
|
w'u{ |
||||
|
,:({ |
||||
|
ly={=/. |
||||
|
{V<7, |
||||
|
qv{]: |
||||
|
z={m |
||||
|
v{M:v |
||||
|
/@j{ |
||||
|
{Yowk |
||||
|
M{65 |
||||
|
{]:uc |
||||
|
M[\{ |
||||
|
yv{M: |
||||
|
f_UQ{ |
||||
|
m{G/ |
||||
|
W.q{ |
||||
|
E{4;G- |
||||
|
{63( |
||||
|
][-z{ |
||||
|
?f{F |
||||
|
<{\u |
||||
|
=+:{^ |
||||
|
w={<=x |
||||
|
xVP{ |
||||
|
Z8<{; |
||||
|
;}z{ |
||||
|
?-{> |
||||
|
?9{6 |
||||
|
Vy={> |
||||
|
o.{[ |
||||
|
{~zru |
||||
|
{9E~ |
||||
|
m?Oi{ |
||||
|
.{]} |
||||
|
:zP{ |
||||
|
zv{=: |
||||
|
k-tb{ |
||||
|
o{tl |
||||
|
{=3{ |
||||
|
?p{{, |
||||
|
v{<k |
||||
|
6{[3 |
||||
|
S{25 |
||||
|
y{_f |
||||
|
DX}L{ |
||||
|
Y%O{ |
||||
|
sz/{S |
||||
|
{]Sv |
||||
|
m6{= |
||||
|
v[M{; |
||||
|
{Vf? |
||||
|
%zv{lLPg |
||||
|
x'{O |
||||
|
csictf{j0ker_w4snt_happy} |
||||
|
``` |
||||
|
Voila! There we have our flag. |
||||
|
|
||||
|
#### Step-2: |
||||
|
Finally the flag becomes: |
||||
|
`csictf{j0ker_w4snt_happy}` |
After Width: | Height: | Size: 288 KiB |
@ -0,0 +1,28 @@ |
|||||
|
## Panda |
||||
|
The main idea finding the flag is using zip2john. |
||||
|
|
||||
|
#### Step-1: |
||||
|
After I downloaded `panda.zip`, I got 2 files in it, `panda.jpg` & `panda1.jpg`. |
||||
|
|
||||
|
#### Step-2: |
||||
|
It was encrypted. So I used `zip2john` tool to crack the zip. |
||||
|
|
||||
|
```bash |
||||
|
zip2john panda.zip > hash.txt |
||||
|
john.exe --wordlist=real_human hash.txt |
||||
|
``` |
||||
|
<img src="panda.jpg"> |
||||
|
|
||||
|
<img src="panda1.jpg"> |
||||
|
|
||||
|
#### Step-3: |
||||
|
|
||||
|
This simple `flag.py` python script helps us to get the flag. |
||||
|
|
||||
|
```python |
||||
|
print(''.join([chr(i) for i, j in zip(open('panda1.jpg', 'rb').read(), open('panda.jpg', 'rb').read()) if i!= j])) |
||||
|
``` |
||||
|
|
||||
|
#### Step-4: |
||||
|
Finally the flag becomes: |
||||
|
`csictf{kung_fu_p4nd4}` |
@ -0,0 +1 @@ |
|||||
|
print(''.join([chr(i) for i, j in zip(open('panda1.jpg', 'rb').read(), open('panda.jpg', 'rb').read()) if i!= j])) |
After Width: | Height: | Size: 76 KiB |
After Width: | Height: | Size: 76 KiB |
After Width: | Height: | Size: 110 KiB |
After Width: | Height: | Size: 44 KiB |
@ -0,0 +1,36 @@ |
|||||
|
## unseen |
||||
|
The main idea finding the flag is using LSB bit and steghide tools. |
||||
|
|
||||
|
#### Step-1: |
||||
|
After I downloaded `nyc.png` & `morse.wav`, I tried basic `binwalk` and `strings`, but obviously it didn't work. |
||||
|
|
||||
|
<img src="nyc.png"> |
||||
|
|
||||
|
#### Step-2: |
||||
|
I tried to decode `morse.wav` online [here](https://morsecode.world/international/decoder/audio-decoder-adaptive.html). |
||||
|
|
||||
|
<img src="Morse_Decode.png"> |
||||
|
|
||||
|
#### Step-3: |
||||
|
|
||||
|
This message gave me idea that I have to search further in image only. Using the LSB hint from the description, I found the string `42845193` at 1-bit LSB. |
||||
|
|
||||
|
#### Step-4: |
||||
|
Using Steghide tool, I tried to extract data from the `morse.wav` by command `steghide extract -sf morse.wav` |
||||
|
Passphrase was `42845193` |
||||
|
|
||||
|
It gave me this output: |
||||
|
|
||||
|
``` |
||||
|
wrote extracted data to "flag.txt". |
||||
|
``` |
||||
|
#### Step-5: |
||||
|
Something to work on. So when I opened `flag.txt`. It was blank with space, tabs and newline. So I tried to decode that using Whitespace Decoder at : https://vii5ard.github.io/whitespace/ |
||||
|
|
||||
|
<img src="Flag.png"> |
||||
|
|
||||
|
Voila! I had the flag there. |
||||
|
|
||||
|
#### Step-6: |
||||
|
Finally the flag becomes: |
||||
|
`csictf{7h47_15_h0w_y0u_c4n_83c0m3_1nv151813}` |
@ -0,0 +1,89 @@ |
|||||
|
|
||||
|
|
||||
|
|
||||
|
|
||||
|
|
||||
|
|
||||
|
|
||||
|
|
||||
|
|
||||
|
|
||||
|
|
||||
|
|
||||
|
|
||||
|
|
||||
|
|
||||
|
|
||||
|
|
||||
|
|
||||
|
|
||||
|
|
||||
|
|
||||
|
|
||||
|
|
||||
|
|
||||
|
|
||||
|
|
||||
|
|
||||
|
|
||||
|
|
||||
|
|
||||
|
|
||||
|
|
||||
|
|
||||
|
|
||||
|
|
||||
|
|
||||
|
|
||||
|
|
||||
|
|
||||
|
|
||||
|
|
||||
|
|
||||
|
|
||||
|
|
||||
|
|
||||
|
|
||||
|
|
||||
|
|
||||
|
|
||||
|
|
||||
|
|
||||
|
|
||||
|
|
||||
|
|
||||
|
|
||||
|
|
||||
|
|
||||
|
|
||||
|
|
||||
|
|
||||
|
|
||||
|
|
||||
|
|
||||
|
|
||||
|
|
||||
|
|
||||
|
|
||||
|
|
||||
|
|
||||
|
|
||||
|
|
||||
|
|
||||
|
|
||||
|
|
||||
|
|
||||
|
|
||||
|
|
||||
|
|
||||
|
|
||||
|
|
||||
|
|
||||
|
|
||||
|
|
||||
|
|
||||
|
|
||||
|
|
||||
|
|
||||
|
|
||||
|
|
After Width: | Height: | Size: 1.7 MiB |