Everything Wrong - CTF 36
CTF Name: Everything Wrong
Topic: OSINT
Flag Format: IHC_CTF{}
CTF Link: https://t.me/ctf_invisiblehc/63
Description:
Wrong everywhere. Correct them and find the flag. Find demo flag? One more step is here.
Solution:
To solve this challenge, we need to extract the files from CTF36.zip and obtain the password from Password.png.
Firstly, we can check the bytes of Password.png by using a hex editor, which can be accessed through the terminal by typing "hexedit Password.png" or by visiting a website such as https://www.hexed.it
After checking the bytes, we can compare them with the file signature of a PNG file, which we can find on Wikipedia
https://en.m.wikipedia.org/wiki/List_of_file_signatures
By confirming the correct bytes, we can find an image that contains the password "Join @invisiblehc", which we can use to extract the flag from Flag.rar
Once we have the password, we can access Flag.rar and obtain the demo flag. However, the flag is encoded using Unicode text steganography. To decode it, we can use a Unicode Text Steganography Decoder, such as the one found at https://www.irongeek.com/i.php?page=security/unicode-steganography-homoglyph-encoder.
By using the decoder, we can retrieve the flag and complete the challenge.
flag: IHC_CTF{C7F_15_FUN}
Join Our CTF Channel: