Rating:
Images on original writeup: [https://lawfulwaffle.com/2020/07/22/csictf-writeups/#archenemy](http://)
This is a classic beginner’s steganography challenge. Steganography, sometimes abbreviated to stego, is any method of hiding a message inside a file. Sometimes, a whole other file can be concealed in an image!
There’s really not much method to figuring out challenges like these. I just know from previous experience that zsteg, jsteg, or steghide would find the concealed information for me. Sure enough, running steghide info arched.jpg reveals an embedded file: flag.zip, which is password protected .
To crack the password, you can run zip2john on the file to get a hash file. Then you can run john on the hash to crack it with the rockyou wordlist. The password is kathmandu
Once you extract the zip file with steghide extract -sf arched.jpg and unzip the file to see the flag on meme.jpg
steghide to extract flag.zip
Bad Luck Brian is an 8 year old meme btw
No captcha required for preview. Please, do not write just a link to original writeup here.