好,我现在要帮用户总结这篇文章的内容,控制在一百个字以内。首先,我需要通读整篇文章,抓住主要信息。 文章讲的是一个CTF比赛中的挑战,属于隐藏信息的类型。用户使用了zsteg和binwalk等工具,多次提取嵌入在PNG文件中的ZIP档案,最终通过LSB技术在StegOnline上找到了隐藏的标志。 接下来,我需要将这些关键点浓缩到100字以内。要注意不要使用“文章内容总结”这样的开头,直接描述内容。 可能的结构是:挑战类型、使用的工具、提取过程、最终方法和结果。 现在试着组织语言: “这是一个隐藏信息的挑战,参与者通过使用zsteg和binwalk等工具从PNG文件中提取嵌入的ZIP档案,并多次解包后发现最终图像。通过LSB技术在StegOnline上提取出隐藏的标志。” 检查字数是否在限制内,并确保所有关键步骤都被涵盖。 </think> 这是一个隐藏信息的挑战,参与者通过使用zsteg和binwalk等工具从PNG文件中提取嵌入的ZIP档案,并多次解包后发现最终图像。通过LSB技术在StegOnline上提取出隐藏的标志。 2026-3-28 11:25:56 Author: infosecwriteups.com(查看原文) 阅读量:2 收藏
This challenge was given in Round 2 of KJSSE CTF 3.0 by K.J. Somaiya College of Engineering, Vidyavihar.
Challenge Description:
A butterfly shouldn’t make a cat feels this heavy. There is more to this image than meets the eye. If you dig deep enough into the structure, you’ll uncover the flag hidden underneath the heavy load.
File: chall.png
This was one of the first challenges that I completed in the CTF. From the description and file given, it was pretty clear that it was more of a Steganography challenge.
For steganography challenges, I usually prefer to use tools mentioned in the website below. It includes a handpicked list of relevant steganography tools that can help you solve the issues.
Steganography — A list of useful tools and resources — 0xRick’s Blog
For png files, the tools that come in handy are mostly strings, zsteg, binwalk and foremost. I prefer to use zsteg first to find any hidden useful strings or clue in a png file.
Command:
zsteg -a chall.pngPress enter or click to view image in full size
Clearly, there are no hidden strings, but we found that it has a “ZIP Archive file” in it. We can extract that using Binwalk.
Command:
binwalk -e chall.pngPress enter or click to view image in full size
On opening the folder, it seems that there is another png file named “lited.png”. From the first binwalk output, it is clear that we have multiple image files archived inside one another. So, I performed binwalk command on every png file and extracted them.
After a total of 10 binwalk commands, I finally got to the last image.
Press enter or click to view image in full size
Press enter or click to view image in full size
I tried strings on this image, but didn’t get much except a text saying: “NOTHING HERE, DID YOU LEAVE THE ANSWER BEHIND?”
Press enter or click to view image in full size
Clearly, I felt the need of backtracing all my steps and checking on all of the images and find if I left something behind. Next, I went back to all the images and tried strings on them, but they gave me no clue whatsoever. After spending around a nice 10–15 minutes on this, I was completely clueless on what did I left behind. Even zsteg couldn’t give any useful output on the final image.
Get Vedant Pillai’s stories in your inbox
Join Medium for free to get updates from this writer.
When I was about to give up and go to next challenge, I thought of using one last technique — Extracting data through LSB techniques.
I used the following tool for this:
StegOnline
Press enter or click to view image in full size
On uploading the final image, we get an option to check it on different bit planes.
Press enter or click to view image in full size
On checking it for “Red 0”, we can see the flag written on it clearly.
Press enter or click to view image in full size
Let’s Connect:
Linkedin: Vedant Pillai | LinkedIn
Github: Codewith-Vedant (Vedant Pillai)
如有侵权请联系:admin#unsafe.sh