Tuesday, 28 August 2018

CTFlearn - 07601


 https://beta.ctflearn.com/problems/97
Forensics 
by alexkato29
1) Download the image and vi the AGT.png. you will find the header JFIF which stands for stands for JPEG File Interchange Format.
$ vi AGT.png


2) Used strings to check the image AGT.png, you will get the following result. It looks like a zip instead of JPEG file

 
$ strings AGT.png

3) Used binwalk to inspect AGT.png. This is what I got.

$ binwalk AGT.png


4) Extract the file 
 $ binwalk -e AGT.png

5) Follow the tips, find the image file "I warned You.jpeg" 

 
 Secret Stuff.../Don't Open This.../I Warned You.jpegUX

 6) Used strings the image and you will find the flag
-
Labels: ,

1 comment:

  1. Sammy146815 December 2019 at 23:29

    First I tried using String Command with the AGT.jpg file and I found a flag "ABCTF{fooled_ya_dustin}" at Eventually didnt work.

    ReplyDelete

Subscribe to: Post Comments (Atom)

Calvin Work A) My Study Plan B) My CTF Record C) My Python Code-  github    1) Crypto    2) Crunch in python (generate d...

  • (no title)
    CTFlearn - 07601 https://beta.ctflearn.com/problems/97 Forensics  by alexkato29 1) Download the image and vi the AGT.png. you will ...
  • (no title)
    CTFlearn -  HEXTROADINARY https://beta.ctflearn.com/problems/158 Cryptography crypto Tips: The coder name "ROXy"...
  • Hack The Box: Sniper Walk through
    Hack The Box:  Sniper Walkthrough By 130n@calvinlai.com