Steganography Challenges
Absence Makes Hearts Go Yonder
Description
Sometimes the oldest and simplest tricks can be the most fun. Here's an old stego tactic that requires no special software - just a little knowledge and maybe a keen eye.
Solution
First thing I tried was strings:
We already have the flag, but PK indicates that there's zip file inside image. Using binwalk we can extract hidden files.
Flag: poctf{uwsp_h342d_y0u_7h3_f1257_71m3}
An Invincible Summer
Description
I seem to have misplaced the flag for this challenge. I know that it's in one of these files. I just can't remember which one... And why would I have two copies of each image in different formats... I swear, I'd forget my head if I didn't have SQL constantly orbiting it.
Archive password: poctf2023
HINT: This challenge is giving a lot of people trouble. I've double checked everything, and I can unequivocally say it's all picsel perfect.
Solution
I couldn't solve the challenge by myself and relied on hint. Personally I think that the challenge was (or stegano challenges in general) platform dependant.
Using tool SSuite Picsel Security you can extract the hidden data. Works only on Windows.
Flag: poctf{uwsp_1_h4v3_n0_m0u7hh_4nd_1_mu57_5cr34m}
Between Secrets and Lies
Descirption
Picture stego sure is a lot of fun. It's not exactly a party conversation starter, but once someone mentions hiding data I can't help but open that big can of beans. Here - you try!
Solution
The given image is PNG and steghide or such tools wont work. Image steganography mostly uses LSB (Least Significant Bit) to hide the data, unfortunatelly since this is not JPG we can't run zsteg on it.
For PNG there's tool StegOnline by Ge0rg3.
Upload -> Extract Files/Data
I thought this would be hard and would have to try all combinations, but after selecting only Red 7 and default values (MSB Order) I was able to extract the secret message.
Flag: poctf{uwsp_m0r3_hum4n_7h4n_hum4n_15_0ur_m0770}
Last updated