180010027
/
CTFlearn-Writeups
1
1
Fork 0
Code Issues Pull Requests Releases Wiki Activity
CTFlearn Writeups
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
1 Commit
1 Branch
0 Tags
11 MiB
 
 
 
Branch: master
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'master'
${ noResults }
CTFlearn-Writeups/Forensics/07601
rishitsaiya 53fd30619d
Added CTFlearn writeups 		4 years ago
..
AGT.png Added CTFlearn writeups 4 years ago
README.md Added CTFlearn writeups 4 years ago

README.md

07601

The main idea finding the flag using basic forensics techniques.

Step-1:

After we download the given image AGT.png from the cloud, we just try simple techniques.

Step-2:

I first tried a very basic strings AGT.png & strings AGT.png | grep {.

I got the following output, through which I came to know about existing hidden directories.

v{n,	
n.l{
qYv{
,nO{
2[{oO
{^UH
i{WY*
ABCTF{fooled_ya_dustin}
{u4j,\
B-{4B
}UXG{
{`(k
cB{V,
7{Ul
{$48
~9{;b
ECG{~'8
{Rf:
M}fS{
{{*7'
cGc{qlt'5
DD2{
{f8-Z
{R[7
UJL{
ez	{Rz
,K{^b
WL{?
1?{M
YJ{.
E{'+
ZQ9{
1{@S
\s{)
mDEH{
qz{*
{d"&
{QuH%
,97{{
.~>{
F{E`{;
46B{
Le*{
HrZl{T
^{K>
_4={
EHLl{V
{Wh>
 {:4
B{Cl
g{:i
Z{e&
:{S/\
{:%|Ium#
_E{Wj
S{5U
S{Eh
r{}%
ht{{
;Xc{
ST{{
{>eG
2eN{
A{b5
wu{@
y.V{j0^
8~x{
{;F#
.{|6m	
{%0[
{~u(
TB{b
i{Hhm
=Z{"4
v.aa{
j-@l{
DsB{
4{C$v`
"Y1!{I
	B{^
X>{I
KNzO{
_I{[-
%{*e
B-{4B
}UXG{
{`(k
cB{V,
7{Ul
{$48
~9{;b
ECG{~'8
{Rf:
M}fS{
{{*7'
cGc{qlt'5
DD2{
{f8-Z
{R[7
UJL{
ez	{Rz
,K{^b
WL{?
1?{M
YJ{.
E{'+
ZQ9{
1{@S
\s{)
mDEH{
qz{*
{d"&
{QuH%
,97{{
.~>{
F{E`{;
46B{
Le*{
HrZl{T
^{K>
_4={
EHLl{V
{Wh>
 {:4
B{Cl
g{:i
Z{e&
:{S/\
{:%|Ium#
_E{Wj
S{5U
S{Eh
r{}%
ht{{
;Xc{
ST{{
{>eG
2eN{
A{b5
wu{@
y.V{j0^
8~x{
{;F#
.{|6m	
{%0[
{~u(
TB{b
i{Hhm
=Z{"4
v.aa{
j-@l{
DsB{
4{C$v`
"Y1!{I
	B{^
X>{I
KNzO{
_I{[-
%{*e
Dwnc{E
B-{4B
}UXG{
{`(k
cB{V,
7{Ul
{$48
~9{;b
ECG{~'8
{Rf:
M}fS{
{{*7'
cGc{qlt'5
DD2{
{f8-Z
{R[7
f{KR
,K{^b
WL{?
1?{M
YJ{.
E{'+
ZQ9{
1{@S
\s{)
mDEH{
qz{*
{d"&
{QuH%
,97{{
.~>{
F{E`{;
46B{
Le*{
HrZl{T
^{K>
_4={
EHLl{V
daIj{
fz{]
{gy5
i{1"Aj
rr@{
C_,{
WoIx{
<6\`{
%{-N(
|B{~
{t^l
dNDM'{
k/{|
{_ G
);bW{
?XG>z{
=k{-
{Y6g
K5g{2
mz{S
2eF{
{y4^(
GB{%
E{/Y
{p`w?
mE-{
~*{+
.{|6m	
{%0[
{~u(
TB{b
i{Hhm
=Z{"4
v.aa{
j-@l{
DsB{
4{C$v`
"Y1!{I
	B{^
X>{I
KNzO{
_I{[-
%{*e

Step-3:

I tried this ABCTF{fooled_ya_dustin} flag, but it showed incorrect. So let's explore the hidden folders.

Step-4:

I tried binwalk -e AGT.png. I get a new directory called _AGT.png.extracted. Let's get into this.

Step-5:

The contents of which are some of the images and directory. I directly, tried strings I Warned You.jpeg | grep {

Step-6:

I got this output:

{P|I
{zRhc
{>ch
^|){O
rU<o{
R3w{x
o	 {p
=d{]i
w{3)Z:
uYz}{
{uBH
*}{MD
}"W{
:Ja{
.?{M$f
!0{8
{/!s
tM,o{
{tLL
q{dG
b[{MTF
{Y1W
ABCTF{Du$t1nS_D0jo}1r
1{wl
{Y,x
6fr{+
q{:zG
Nv{%M#
{+	-"
Qa{+
tx"{
{!f'WkQV
XUg{
!{;xV
?Khh{
w#{]U#
JGdD{n
W]L{`g
{Z.W\
r"w{
.$A{
)cn_P{V
 b{5
:\7{{
gk{|(qwC
Vv{;t[Tjy#r
NR{{]
Pv{]JS
{'R-
${zT
Ac{*:]#
{Mj9
.	6{4
w{Y[8o
{zY\4
q{:g#g
roO{
F{Dfx$
mJ{#
OgRZho{
Ug3{x
'{u^n
b%{l^
r&*$b{
M|vMH{.
[R'{_
{P7v+
b{+W
/{+w
F{~aLVF
{:el
sIS{
8r:s{
I{M5
e%K#{
u5{1j
Bww{
{XW+
$v{/O
+6,{~aV
iNc{
{R8c
y)8{{0q
1{]'%<B
R{.x
{533
1{ue
:?{#&2B
{%c]2U
;#Y{

Luckily, here the flag worked.

Step-7:

Finally the flag becomes: ABCTF{Du$t1nS_D0jo}1r