In the first stegano task there was given a picture of a class board. As the task title says the flag is probably split into couple of fragments.
 |
| Task |
As this file is a PNG image I checked PNG chunks for some extra information. There was nothing helpful. Then I used utility called Stegsolve and looked at various layers of the image including color bit planes. There was nothing suspicious, but in case I've missed something I've tried to extract various combinations of LSB, but no success either. Then I remembered that while waiting for the CTF to start I saw the same image in the Media tab of the main site. Here is the link to the media tab. I converted that image into PNG using imagemagick utility called "convert". And compared those two using "compare" utility from the same toolkit. Here what I got:
 |
| Diff between original and task |
Next eventually I used a program called stegpic(available online) and got the second part of the flag("1ba1eccd1f5a1a9").
So the flag was: ASIS_7da6f7fb1c6a5adad1ba1eccd1f5a1a9
P.S. To see the first part more clearly you can also use stegsolve, that I've already mentioned. Here what it produces:
No comments:
Post a Comment