PicoCTF-2019 Writeup
Search
K
Comment on page

m00nwalk 2

Problem

Revisit the last transmission. We think this transmission contains a hidden message. There are also some clues clue 1, clue 2, clue 3. You can also find the files in /problems/m00nwalk2_0_c513cbf9ae6c76876372b8e29826e77b.

Solution

  1. 1.
    Decode the 3 clues using the same method from the first m00nwalk challenge except using the Auto mode instead of "Scottie 1". "Martin 1", "Scottie 2", and "Martin 2" are the necessary modes for each clue respectively.
  2. 2.
    Three clues:
    Clue 1 image
    Clue 2 image
    Clue 3 image
  3. 3.
    Searching for "Alan Eliasen the Future Boy" brings us to this page, which talks about Steganography Tools.
  4. 4.
    Either the decode page of the above site or steghide can be used to decode the original message and get the flag using the password from the first clue: steghide extract -sf message.wav -p hidden_stegosaurus then cat steganopayload12154.txt

Flag

picoCTF{the_answer_lies_hidden_in_plain_sight}
Previous
B1g_Mac
Next
WebNet1
Last modified 2yr ago