
Hey Hacklido fam! I’m sagnik17 and I’m kicking off my CTF writeup series with some forensics fun. First up — Stark’s Hidden Protocol. Let’s gooo 🚀
First Thing
“Don’t trust the file extensions”
Yes, this is the observation I got from solving CTF forensics challenges. So first I ran the file command on it and yep, it’s a JPEG. Nothing suspicious on the surface 👀

Next Step
“It may sound cliche but EXIF Data sometimes tells a lot so make sure to check it”
So I dug into the EXIF metadata to hunt for any weird comments or patterns hiding in plain sight. You’d be surprised how often CTF authors tuck things in there 😏
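The first two checks above (real type from the leading bytes, then metadata and comments), as an added Python example that is not part of the original writeup. The sample bytes and helper names are constructed for illustration, and the check for bytes appended after the JPEG end marker goes slightly beyond what the post covers.

```python
import struct

# Leading "magic" bytes for a few common types (the file name is never consulted).
MAGIC = {b"\xff\xd8\xff": "jpeg", b"\x89PNG\r\n\x1a\n": "png",
         b"PK\x03\x04": "zip", b"GIF8": "gif"}

def sniff(data):
    """Return the type implied by the first bytes of the content."""
    for magic, kind in MAGIC.items():
        if data.startswith(magic):
            return kind
    return "unknown"

def triage_jpeg(data):
    """Walk JPEG segments: collect COM text, note Exif, count bytes after EOI."""
    report = {"type": sniff(data), "comments": [], "exif": False, "trailing": 0}
    if report["type"] != "jpeg":
        return report
    pos = 2  # skip SOI (FF D8)
    while pos + 4 <= len(data) and data[pos] == 0xFF:
        marker = data[pos + 1]
        (length,) = struct.unpack(">H", data[pos + 2:pos + 4])
        body = data[pos + 4:pos + 2 + length]  # length includes its own 2 bytes
        if marker == 0xFE:  # COM: free-text comment segment
            report["comments"].append(body.decode("latin-1"))
        elif marker == 0xE1 and body.startswith(b"Exif\x00\x00"):
            report["exif"] = True  # APP1 carrying EXIF metadata
        elif marker == 0xDA:  # SOS: compressed image data follows
            # Simplification: treat the first EOI after SOS as the end of image.
            eoi = data.find(b"\xff\xd9", pos)
            if eoi != -1:
                report["trailing"] = len(data) - (eoi + 2)
            break
        pos += 2 + length
    return report

def _seg(marker, body):
    """Build one length-prefixed JPEG segment (used for the sample only)."""
    return b"\xff" + bytes([marker]) + struct.pack(">H", len(body) + 2) + body

# Constructed sample: Exif stub, a comment, a tiny scan, EOI, then appended bytes.
SAMPLE = (b"\xff\xd8" + _seg(0xE1, b"Exif\x00\x00" + b"\x00" * 8)
          + _seg(0xFE, b"constructed comment") + _seg(0xDA, b"\x00" * 10)
          + b"\x12\x34" + b"\xff\xd9" + b"PK\x03\x04extra")

if __name__ == "__main__":
    print(triage_jpeg(SAMPLE))
```

A clean report here does not rule out steghide, which hides its payload inside the image data itself rather than in a separate segment.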

Final Work
The challenge hinted at something hidden, and that screams steganography. So I pulled out steghide, which is a neat tool that can conceal data inside image and audio files.
So I ran one simple command:
steghide extract -sf ironman.jpg
The -sf flag just tells it which stego file to extract from, and boom 💥, out pops the hidden data! I guessed the password here, which is *****. I’m not going to tell 🙊, guess it yourself.
Hint: “it is a very obvious password to guess”

And that’s it, you will add some points to your bucket. I have hidden the flag 🙂, the main fun is in hunting.
Let’s meet in the next blog.
