A lot easier than the amount of solves would tell you.
- You're given a mjpg file. This is a "Motion JPG" file, which is just a bunch of JPG files put together and streamed at you.
- Just run some sort of MJPG splitter (`ffmpeg -i mjpegvideo.avi -vcodec copy frame%d.jpg`)
- Quickly analyze all the split out JPG files (`file *.jpg`; `jpeginfo *.jpg`; `<your-fave-jpg-analyzer-tool-there's-a-billion> *.jpg`).
- Hopefully one of those tools tells you in some way that the JPEG end tag (FFD9) ends 1 byte before the end of the file, i.e. there is one extra byte after it (suspicious!)
- On the order of 10% of the split out JPG files have a wrong file size. Write a quick script to take the last byte (the extra byte) of each of those files, and concatenate them together.
- End up with something like "lorem ipsum have a flag{asdadasdasda}".
- ???
- Collect flag
@eugenekolo
https://eugenekolo.com
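A sketch of the "quick script" step, added here as an example and not the author's own code. It assumes the frames were split out as `frame<N>.jpg` and collects whatever follows the last FFD9 marker in each frame, in numeric frame order (a plain `*.jpg` glob sorts `frame10` before `frame2` and scrambles the message). The function names and the sample frames are constructed for illustration.

```python
import re
import sys
from pathlib import Path

EOI = b"\xff\xd9"  # JPEG End Of Image marker


def trailing_bytes(data: bytes) -> bytes:
    """Bytes after the last EOI marker; empty for a clean or truncated frame."""
    idx = data.rfind(EOI)
    return b"" if idx == -1 else data[idx + len(EOI):]


def frame_number(name: str) -> int:
    """frame10.jpg -> 10, so frames sort numerically, not as frame1, frame10, frame2."""
    digits = re.findall(r"\d+", name)
    return int(digits[-1]) if digits else -1


def recover(frames: dict[str, bytes]) -> bytes:
    """Concatenate the trailing bytes of all frames in playback order."""
    ordered = sorted(frames, key=frame_number)
    return b"".join(trailing_bytes(frames[name]) for name in ordered)


def demo_frames(message: bytes = b"flag{demo}") -> dict[str, bytes]:
    """Constructed sample: 20 stub frames, every second one carries one extra byte."""
    clean = b"\xff\xd8" + b"\x00" * 16 + EOI  # SOI + filler + EOI, not a decodable image
    frames = {f"frame{i}.jpg": clean for i in range(1, 21)}
    for i, byte in enumerate(message):
        frames[f"frame{2 * (i + 1)}.jpg"] += bytes([byte])
    return frames


if __name__ == "__main__":
    if len(sys.argv) > 1:  # directory holding the frames written by the splitter
        frames = {p.name: p.read_bytes() for p in Path(sys.argv[1]).glob("*.jpg")}
    else:
        frames = demo_frames()
    suspicious = [n for n, d in frames.items() if trailing_bytes(d)]
    print(f"{len(suspicious)}/{len(frames)} frames have data after EOI")
    print(recover(frames).decode("latin-1"))
```

Run it with the directory of split frames as the only argument; with no argument it runs on the constructed sample.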