Medium Live

07601

60 points

4044 Solves

Forensics

Medium

alexkato29

Community Rating: 4.46 / 5

https://mega.nz/#!CXYXBQAK!6eLJSXvAfGnemqWpNbLQtOHBvtkCzA7-zycVjhHPYQQ I think I lost my flag in there. Hopefully, it won't get attacked...

First 10 Solvers

Rank Username
1 ross3102
2 emperorlepone
3 niclev20
4 dknj11902
5 nandayo
Rank Username
6 aglickman
7 lzutao
8 skycoder
9 henceforth
10 pir00t

  • ralphtheninja

    Very entertaining. I learned about jpeg always ending in ffd9 and PK being the initials of Phil Katz :)

  • shafdo

    Enjoyed Playing This |/\/ CTF \/|

  • k4at3034

    Protected

    [REDACTED] This comment is only shown to users who have solved this challenge.

  • BRSwift

    Very similar to a previous challenge that's easy. This just adds more steps.

  • LordBlueShell

    That was a good one! I spent too long trying to "uncorrupt" the JPEG file, trying to fix the header and trailer in a hex editor. Somebody clued me in to look closer at the text in Notepad.

  • loopwithinaloop

    Protected

    [REDACTED] This comment is only shown to users who have solved this challenge.

  • pjrox

    Easy Peasy just hexedit the following zip file #ifYouKnowWhatIMean

    • sejialderson

      If it wasn't for your idea I think I would've never decrypted it, I expected it to be in plaintext but jokes on me. Thank you.

  • hamu96

    Protected

    [REDACTED] This comment is only shown to users who have solved this challenge.

  • c0conut

    Protected

    [REDACTED] This comment is only shown to users who have solved this challenge.

  • Gombrich

    Very good. The "strings" command may help with the last step in this challenge.

  • Ishiven

    Protected

    [REDACTED] This comment is only shown to users who have solved this challenge.

  • MateuszK123

    How is it possible that the archive and image are recognized from the same file?

  • sherlockholmes221b

    I still can't find the flag. I found these "Don't open this, I warned you" things, but I still can't get any further

    • peterkran

      Same, got there but i have no idea on how to go any further

  • loome

    Protected

    [REDACTED] This comment is only shown to users who have solved this challenge.

  • Binder

    had to adjust the default minimum output of that last command to make it show up

  • crimemastergogo

    /Downloads/output/zip/Secret Stuff.../Don't Open This... here i got a jpeg file i tried to find the string but can't ,anyone can give me a hint?

    • Kationa

      <ol> <li>

      Linux command line has a command to show all strings from a file

      </li> <li>

      Linux command line has a command to filter the output - flags usually do contain symbols like '{' and '}', don't they?

      </li> <li>

      If you don't see any flags then, it's either because something is wrong with your command, OR... the flag might be somewhere else

      </li> </ol>

      good luck

    • crimemastergogo

      help me if u can /Downloads/output/zip/Secret Stuff.../Don't Open This... here i got a jpeg file i tried to find the string but can't ,anyone can give me a hint?

      • Fl4Gg3R

        Hi

        Just use strings and then search the output with a specific command. Search for "CTF" and there is the flag. Except that you need to modify the flag to get it right (change some numbers to letters and vice versa). (Hopefully i wont get banned because of this.)

          • Fl4Gg3R

            And btw can you help me with PIN? I have been stuck on it for days.

              • Fl4Gg3R

                Yeah, but no longer need to help me because i was able to solve it.

  • ghostblade

    Secret Stuff.../Don't Open This.../.DS_StoreUX? Secret Stuff.../Don't Open This.../I Warned You.jpeg

    i saw these text inside imge (nothing more)

    • Aster

      clue. use binwalk and dive deep in every image

  • Aster

    a bit of a headache but good

  • AnimaSpecial

    Secret Stuff.../Don't Open This.../I Warned You.jpeg

  • AnimaSpecial

    Protected

    [REDACTED] This comment is only shown to users who have solved this challenge.

  • sgt787

    This was a good one. Had to use more then a few tools. Strings command and Hex editor are solid though.

  • gdfah

    found the flag, but it's not being accepted. Is there another step that I'm missing?

  • arjunekuriakose

    i got the ACTF{} flag...but i cant find out how i am supposed to format it so that it is accepted

  • technophobian

    That was really good. It took me a while but I got there.

  • pizzamonkey00

    After I found the real key, it took me way too long to figure out how to format it. For those struggling where I was, keep the standard 7 bit ascii characters the same, only change the other ones.

  • John_Noob5

    wow... I actually noob and this ctf make me goes crazy for hour.. and i finally did it, by myself,, wow.. btw keep it up

  • Melino

    This is the first medium challenge I've ever done! I love it!

  • 2300

    Protected

    [REDACTED] This comment is only shown to users who have solved this challenge.

  • blasko254

    Protected

    [REDACTED] This comment is only shown to users who have solved this challenge.

  • elTiburoN

    this was quite fun and entertaining! Lucky i had Linux/Ubuntu installed in my second computer, because using windows to solve this challenge is really frustrating!!

  • shivamhc

    What does 70601 mean? I mean is it related to finding the flag or it is just a title? I solved it, but still curious about the title.

  • yupwn

    it has some clues, but also require patience and meticulous eye

  • blackghost

    After practicing the problems in easy sections, it is easy to solve this problem also.

  • blackghost

    get it on : https://github.com/root-ji218at/ctflearn.com