Rating: 0

[original writeup](https://github.com/shiltemann/CTF-writeups-public/blob/master/IceCTF-2018/writeup.md#steganography-400-rabbit-hole)

**Challenge**

Here's a picture of my favorite vegetable. I hope it doesn't make you cry.

![](https://raw.githubusercontent.com/shiltemann/CTF-writeups-public/master/IceCTF-2018/writeupfiles/rabbithole.jpg)

**Solution**

After a lot of experimenting, we find out we can uncover a hidden message from the image using steghide:

```bash
$ steghide extract -sf rabbithole.jpg
Enter passphrase: <onion>
wrote extracted data to "address.txt".
```
whoo! contents of the file `address.txt` is:

```
wsqxiyhn23zdi6ia
```

might be an `.onion` link? Opening `http://wsqxiyhn23zdi6ia.onion` with a tor browser (or via https://onion.link/) gives:

![](https://raw.githubusercontent.com/shiltemann/CTF-writeups-public/master/IceCTF-2018/writeupfiles/rabbithole_screenshot.png)

We find nothing in the images, but after some hints we find that the chinese characters are [base65536](https://github.com/Parkayun/base65536)

```python
# pip install base65536

import base65536

with open('rabbithole_characters.txt','r') as f:
ct = f.readline().rstrip().replace(' ','')

with open('rabbithole_out','wb') as f2:
f2.write(base65536.decode(ct))
```

which turns out to be an epub on cell phone hacking. Searching the contents for the flag gives it to us

![](https://raw.githubusercontent.com/shiltemann/CTF-writeups-public/master/IceCTF-2018/writeupfiles/rabbithole_flag.png)

**Flag**
```
IceCTF{if_you_see_this_youve_breached_my_privacy}
```