Medium Live

07601

60 points

2608 Solves

Forensics

Medium

alexkato29

Community Rating: 4.49 / 5

https://mega.nz/#!CXYXBQAK!6eLJSXvAfGnemqWpNbLQtOHBvtkCzA7-zycVjhHPYQQ I think I lost my flag in there. Hopefully, it won't get attacked...

First 10 Solvers

Rank Username
1 ross3102
2 emperorlepone
3 niclev20
4 dknj11902
5 nandayo
Rank Username
6 aglickman
7 lzutao
8 skycoder
9 henceforth
10 pir00t

  • ralphtheninja

    Very entertaining. I learned about jpeg always ending in ffd9 and PK being the initials of Phil Katz :)

  • k4at3034

    Protected

    [REDACTED] This comment is only shown to users who have solved this challenge.

  • BRSwift

    Very similar to a previous challenge that's easy. This just adds more steps.

  • LordBlueShell

    That was a good one! I spent too long trying to "uncorrupt" the JPEG file, trying to fix the header and trailer in a hex editor. Somebody clued me in to look closer at the text in Notepad.

  • loopwithinaloop

    Protected

    [REDACTED] This comment is only shown to users who have solved this challenge.

  • pjrox

    Easy Peasy just hexedit the following zip file #ifYouKnowWhatIMean

  • hamu96

    Protected

    [REDACTED] This comment is only shown to users who have solved this challenge.

  • c0conut

    Protected

    [REDACTED] This comment is only shown to users who have solved this challenge.

  • Gombrich

    Very good. The "strings" command may help with the last step in this challenge.

  • Ishiven

    Protected

    [REDACTED] This comment is only shown to users who have solved this challenge.

  • MateuszK123

    How is it possible that the archive and image are recognized from the same file?

  • I still can't find the flag. I found these "Don't open this, I warned you" things, but I still can't get any further

  • loome

    Protected

    [REDACTED] This comment is only shown to users who have solved this challenge.

  • Binder

    had to adjust the default minimum output of that last command to make it show up

  • crimemastergogo

    /Downloads/output/zip/Secret Stuff.../Don't Open This... here i got a jpeg file i tried to find the string but can't ,anyone can give me a hint?

    • Kationa

      <ol> <li>

      Linux command line has a command to show all strings from a file

      </li> <li>

      Linux command line has a command to filter the output - flags usually do contain symbols like '{' and '}', don't they?

      </li> <li>

      If you don't see any flags then, it's either because something is wrong with your command, OR... the flag might be somewhere else

      </li> </ol>

      good luck

    • crimemastergogo

      help me if u can /Downloads/output/zip/Secret Stuff.../Don't Open This... here i got a jpeg file i tried to find the string but can't ,anyone can give me a hint?

      • Fl4Gg3R

        Hi

        Just use strings and then search the output with a specific command. Search for "CTF" and there is the flag. Except that you need to modify the flag to get it right (change some numbers to letters and vice versa). (Hopefully i wont get banned because of this.)

          • Fl4Gg3R

            And btw can you help me with PIN? I have been stuck on it for days.

              • Fl4Gg3R

                Yeah, but no longer need to help me because i was able to solve it.

  • ghostblade

    Secret Stuff.../Don't Open This.../.DS_StoreUX? Secret Stuff.../Don't Open This.../I Warned You.jpeg

    i saw these text inside imge (nothing more)

    • Aster

      clue. use binwalk and dive deep in every image

  • Aster

    a bit of a headache but good