Tuesday 28 August 2018

CTFlearn - 07601


https://beta.ctflearn.com/problems/97
Forensics 
by alexkato29



1) Download the image and vi the AGT.png. you will find the header JFIF which stands for stands for JPEG File Interchange Format.
$ vi AGT.png




2) Used strings to check the image AGT.png, you will get the following result. It looks like a zip instead of JPEG file


$ strings AGT.png

3) Used binwalk to inspect AGT.png. This is what I got.

$ binwalk AGT.png


4) Extract the file 
 $ binwalk -e AGT.png

5) Follow the tips, find the image file "I warned You.jpeg" 


 Secret Stuff.../Don't Open This.../I Warned You.jpegUX

6) Used strings the image and you will find the flag



1 comment:

  1. First I tried using String Command with the AGT.jpg file and I found a flag "ABCTF{fooled_ya_dustin}" at Eventually didnt work.

    ReplyDelete

Calvin Work A) My Study Plan B) My CTF Record C) My Python Code-  github    1) Crypto    2) Crunch in python (generate d...