Description#

Sometimes it’s a relief to be invisible. CYBERGON_CTF2024{xxxx_xxxx_xxxxx}

Author - iamkfromburma

Solution#

Given an image file challenge1.jpg, let’s try find something using Aperisolve.

There’s something interesting in the Red section.

We can see that there’s getyourflag on the bottom left of the picture.

let’s try using steghide extract -sf challenge1.jpg and getyourflag as the passphrase

and we got a flag.txt file

Flag

CYBERGON_CTF2024{n07h1ng_5t4ys_h1dd3n}

Description#

If you are waiting for a sign, this is it. CYBERGON_CTF2024{xxx_xxxx_xxxxx}

Author - iamkfromburma

Solution#

We are given a png file but is corrupted.

let’s try checking it using a hexeditor

As expected, we’re missing the first 8 bytes of the png header. let’s try adding it

Save it and we can now view the png file

Flag

CYBERGON_CTF2024{y0u_g07_7h3_r!gh7_s1gn5}

Description#

Find the secret behind the wall ? CYBERGON_CTF2024{xxxx_xxxxx_xxxxx}

Author - iamkfromburma

Solution#

We are given an image challenge4.jpg and a JS.txt file from the challenge.

Let’s try check the image metadata first using exiftool

1
ExifTool Version Number         : 13.00
2
File Name                       : challenge4.jpg
3
Directory                       : .
4
File Size                       : 180 kB
5
File Modification Date/Time     : 2024:09:28 01:28:53+07:00
6
File Access Date/Time           : 2024:11:30 18:33:47+07:00
7
File Inode Change Date/Time     : 2024:11:30 18:33:49+07:00
8
File Permissions                : -rwxrwxrwx
9
File Type                       : JPEG
10
File Type Extension             : jpg
11
MIME Type                       : image/jpeg
12
JFIF Version                    : 1.01
13
X Resolution                    : 72
14
Y Resolution                    : 72
15
Exif Byte Order                 : Big-endian (Motorola, MM)
16
Resolution Unit                 : inches
17
Y Cb Cr Positioning             : Centered
18
Exif Version                    : 0232
19
Components Configuration        : Y, Cb, Cr, -
20
User Comment                    : winteriscoming
21
Flashpix Version                : 0100
22
Image Width                     : 1920
23
Image Height                    : 1080
24
Encoding Process                : Progressive DCT, Huffman coding
25
Bits Per Sample                 : 8
26
Color Components                : 3
27
Y Cb Cr Sub Sampling            : YCbCr4:2:0 (2 2)
28
Image Size                      : 1920x1080
29
Megapixels                      : 2.1

I saw winteriscoming on user comment, maybe we can use it for something related to txt files. since there is nothing else we can do by using jpg files. let’s try to find some steganography tools related to Text.

After some research, I found a tool called Snow and it’s for a text-based steganography. let’s try using it

Command: ./SNOW.EXE -C -p "winteriscoming" JS.txt

Output: 3X1f_w1th_5n0w5

Flag

CYBERGON_CTF2024{3X1f_w1th_5n0w5}

Description#

You’ll recognize it when you see it, it’s something you’ve already done before.

CYBERGON_CTF2024{XXXXXXXXXXXXXXXXXXXXX} Author - iamkfromburma

Solution#

We are given a password protected rar file. we can try to crack it using john the ripper.

1
rar2john Triple_Quiz.rar > cek.hash -> Extracting the hash of the rar file
2

3
john --wordlist=/usr/share/wordlists/rockyou.txt cek.hash -> cracking using rockyou

and we get the password ICEMAN

After extracting the rar file, we got a .wav file. By hearing it, I suspect that this audio is a morse code.

Let’s try decode it using Morse Code Decoder and we got this 6 666 777 7777 33 9 444 8 44 8 66 444 66 33

let’s try using cipher identifier in dcode

Flag

CYBERGON_CTF2024{MORSEWITHTNINE}