follow up of Cracking Forensics CTFs 1.0 — picoCTF https://medium.com/@swethas274/8b143d12b615
This article is a continuation of the 1.0 version. If you haven’t read that yet i recommend you reading that before reading this
Press enter or click to view image in full size
So, the file extension is .png
Some of the common methodsto solve a image based CTFs
Press enter or click to view image in full size
Basic inspection
Look at metadata:
exiftool image.png
#---- or ------
strings image.png | lessPress enter or click to view image in full size
Check for embedded files (steganography)
- Use
binwalkto see if the image contains hidden archives/files:
binwalk -e image.png- Try
steghide(if password protected, the challenge may hint at it):
steghide extract -sf image.png