What Lies Within


Theres something in the building. Can you retrieve the flag?


  1. The flag can be extracted with zsteg:

     zsteg buildings.png 
     b1,r,lsb,xy         .. text: "^5>R5YZrG"
     b1,rgb,lsb,xy       .. text: "picoCTF{h1d1ng_1n_th3_b1t5}"
     b1,abgr,msb,xy      .. file: PGP Secret Sub-key -
     b2,b,lsb,xy         .. text: "XuH}p#8Iy="
     b3,abgr,msb,xy      .. text: "t@Wp-_tH_v\r"
     b4,r,lsb,xy         .. text: "fdD\"\"\"\" "
     b4,r,msb,xy         .. text: "%Q#gpSv0c05"
     b4,g,lsb,xy         .. text: "fDfffDD\"\""
     b4,g,msb,xy         .. text: "f\"fff\"\"DD"
     b4,b,lsb,xy         .. text: "\"$BDDDDf"
     b4,b,msb,xy         .. text: "wwBDDDfUU53w"
     b4,rgb,msb,xy       .. text: "dUcv%F#A`"
     b4,bgr,msb,xy       .. text: " V\"c7Ga4"
     b4,abgr,msb,xy      .. text: "gOC_$_@o"
  2. Visit HackTricks for more information. Steghide is used for JPG images and Zsteg is used for PNGs.

  3. Katana can solve this challenge:

     Target completed in 2.57 seconds after 14215 unit cases
     zsteg(/data/targets/buildings.png) ➜
     picoCTF{h1d1ng_1n_th3_b1t5} - (copied)



Last updated