PicoCTF-2019 Writeup
  • HHousen PicoCTF-2019 Writeup
  • Binary Exploitation
    • L1im1tL355
    • messy-malloc
    • OverFlow 2
    • CanaRy
    • NewOverFlow-1
    • NewOverFlow-2
    • sice_cream
    • seed-sPRiNG
    • leap-frog
    • GoT
    • rop64
    • rop32
    • Ghost_Diary
    • zero_to_hero
    • Challenge Name
    • Heap overflow
    • slippery-shellcode
    • AfterLife
    • SecondLife
    • stringzz
  • Cryptography
    • la cifra de
    • b00tl3gRSA2
    • b00tl3gRSA3
    • AES-ABC
    • john_pollard
    • b00tl3gRSA2
    • waves over lambda
  • Forensics
    • What Lies Within
    • m00nwalk
    • shark on wire 1
    • shark on wire 2
    • Glory of the Garden
    • pastaAAA
    • Investigative Reversing 0
    • Investigative Reversing 1
    • extensions
    • investigation_encoded_1
    • Investigative Reversing 2
    • investigation_encoded_2
    • Investigative Reversing 3
    • like1000
    • Investigative Reversing 4
    • WebNet0
    • B1g_Mac
    • m00nwalk 2
    • WebNet1
    • WhitePages
    • So Meta
    • c0rrupt
  • Web Exploitation
    • Java Script Kiddie 2
    • Empire1
    • Empire2
    • cereal hacker 1
    • Empire3
    • cereal hacker 2
    • Java Script Kiddie
    • JaWT Scratchpad
    • Irish-Name-Repo 1
    • Irish-Name-Repo 2
    • Irish-Name-Repo 3
  • Reverse Engineering
    • Time's Up, Again!
    • Forky
    • droids0
    • Challenge Name
    • droids1
    • droids2
    • droids3
    • reverse_cipher
    • droids4
    • B1ll_Gat35
    • Time's Up
    • Time's Up, For the Last Time!
    • asm1
    • asm2
    • asm3
    • asm4
  • Challenge Name
Powered by GitBook
On this page
  • Problem
  • Solution
  • Flag

Was this helpful?

Edit on Git
  1. Forensics

What Lies Within

PreviousForensicsNextm00nwalk

Last updated 4 years ago

Was this helpful?

Problem

Theres something in the building. Can you retrieve the flag?

Solution

  1. This is a challenge where .

  2. The flag can be extracted with zsteg:

     zsteg buildings.png 
     b1,r,lsb,xy         .. text: "^5>R5YZrG"
     b1,rgb,lsb,xy       .. text: "picoCTF{h1d1ng_1n_th3_b1t5}"
     b1,abgr,msb,xy      .. file: PGP Secret Sub-key -
     b2,b,lsb,xy         .. text: "XuH}p#8Iy="
     b3,abgr,msb,xy      .. text: "t@Wp-_tH_v\r"
     b4,r,lsb,xy         .. text: "fdD\"\"\"\" "
     b4,r,msb,xy         .. text: "%Q#gpSv0c05"
     b4,g,lsb,xy         .. text: "fDfffDD\"\""
     b4,g,msb,xy         .. text: "f\"fff\"\"DD"
     b4,b,lsb,xy         .. text: "\"$BDDDDf"
     b4,b,msb,xy         .. text: "wwBDDDfUU53w"
     b4,rgb,msb,xy       .. text: "dUcv%F#A`"
     b4,bgr,msb,xy       .. text: " V\"c7Ga4"
     b4,abgr,msb,xy      .. text: "gOC_$_@o"
  3. Visit for more information. Steghide is used for JPG images and Zsteg is used for PNGs.

  4. can solve this challenge:

     Target completed in 2.57 seconds after 14215 unit cases
     zsteg(/data/targets/buildings.png) ➜
     picoCTF{h1d1ng_1n_th3_b1t5} - (copied)

Flag

picoCTF{h1d1ng_1n_th3_b1t5}

Image
the flag is hidden in the least significant bit of each pixel value
HackTricks
Katana