Rating:
## Solution
The provided zip is password protected, so we can use `fcrackzip` to identify a password with the command `fcrackzip -v -D -u -p /usr/share/wordlists/rockyou.txt turtles128.zip` The password is found to be `0`, and the resulting file is a zip named `turtles127.zip`. `fcrackzip` on this zip gives the password as `1`. This pattern keeps repeating, with the password either being `0` or `1`. [`turtles.py`](https://gitlab.com/malcrypt/ctf-archive/-/blob/master/2021/tenable/stego/turtles/turtles.py) repeats these actions to get to the final file. The final file is named `key.png`.
![](https://malcrypt.gitlab.io/blog/ctfs/2021/tenable/images/turtles/key.png)
Assembling the `0`s and `1`s from the passwords and converting to hex results in this encrypted blob:
```
3dc906f6928ee882ccb1b8bdd14aa24c
```
`key.png` contains 16 bytes, so a good guess is that the ciphertext is encrypted with AES. Since we do not know an IV, we try ECB mode first.
![](https://malcrypt.gitlab.io/blog/ctfs/2021/tenable/images/turtles/cyberchef.png)
## Flag
**flag{steg0_a3s}**