Just open it (Forensics) – 15

Description

I’m almost positive we put a flag in this file. Can you find it for me?

Solution

Viewing this image, there are some words suggesting we look elsewhere, somewhere deeper like in a hex editor. This is indicating that they’ve most likely embedded the flag as a string of bytes among the jpeg bytes. We can print out all printable characters from a file using the unix strings command.

strings 676F6F645F6A6F625F6275745F746869735F69736E745F7468655F666C6167.jpg | grep -i 'abctf'
ABCTF{forensics_1_tooo_easy?}

Comments are closed.

WordPress.com.

Up ↑