Post

The Picture

This is a writeup of the miscellaneous challenge The picture from the Security Valley CTF

Level: 1, Score: 5

Premise

WTF… we need a forensic specialist here

Link: https://github.com/SecurityValley/PublicCTFChallenges/tree/master/miscellaneous/the_picture

Challenge files:

challenge.png

Observations

Simply looking at the image, we see a yellow image with 2 strings: d lab_ and capture the flag, and a black squiggly line.

There are a few techniques that can be attempted here, some of which can be found here, but sadly they yield little to no results. Another tool we can use is stegsolve, but again, this tool doesn’t help us get further.

Solution

Another tool we can use is zteg made by zed-0xff. When we use this tool we get the following output:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
b1,r,lsb,xy         .. text: "vwpR&?|"
b1,rgb,lsb,xy       .. text: "SecVal{[REDACTED]}"
b1,rgba,msb,xy      .. file: OpenPGP Public Key
b1,abgr,msb,xy      .. file: OpenPGP Secret Key
b2,r,msb,xy         .. text: "_UUUUUUUUUUUUUUUUUUUUUU"
b2,g,msb,xy         .. text: "PUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU"
b2,rgba,lsb,xy      .. text: ["#" repeated 110 times]
b2,abgr,lsb,xy      .. file: OpenPGP Public Key
b2,abgr,msb,xy      .. text: ["C" repeated 92 times]
b3,rgba,lsb,xy      .. text: "dtODtO`tODv"
b4,r,msb,xy         .. text: ["U" repeated 46 times]
b4,g,lsb,xy         .. file: OpenPGP Public Key
b4,g,msb,xy         .. text: ["w" repeated 183 times]
b4,b,lsb,xy         .. file: Targa image data - Map 272 x 272 x 1 +272 +4097 - 1-bit alpha
b4,b,msb,xy         .. text: ["\"" repeated 183 times]
b4,rgb,msb,xy       .. file: OpenPGP Secret Key
b4,rgba,msb,xy      .. file: OpenPGP Secret Key

And there’s our flag.

Tools used:

  • a bash shell
  • zsteg
This post is licensed under CC BY 4.0 by the author.