Cryptic Pixels

CATEGORY - STEGANOGRAPHY

Introduction

In this challenge, we are given an image file that likely contains hidden data. Using steganography techniques, we extract and decipher the hidden message to reveal the flag.

Steps

Step 1: Initial File Analysis

The challenge provides a PNG file.

To check for metadata, I used exiftool, but nothing interesting was found.

Step 2: Verifying File Integrity

To ensure the file was actually a PNG and not something else in disguise, I used xxd:

xxd CrypticPixels.png | head

This revealed that the file contained a hidden flag.txt inside.

Step 3: Extracting Hidden Data

Since the file seemed to contain embedded data, I used binwalk to extract it:

binwalk -e CryticPixels.png

This extracted a ZIP archive, but it was password-protected.

Step 4: Cracking the ZIP Password

To crack the ZIP password, I used fcrackzip with the rockyou.txt wordlist:

fcrackzip -u -D -p /usr/share/wordlists/rockyou.txt B8103.zip

Password: qwertyuiop

Step 5: Analyzing the Flag

After extracting flag.txt, the flag appeared scrambled, suggesting it had been encoded or ciphered.

I attempted common ROT ciphers (ROT5, ROT13, ROT18, ROT47), but none worked.

Step 6: Deciphering with a Caesar Cipher

Since ROT didn't work, I tried a Caesar cipher with shifts from 1 to 9 until I found the correct shift.

FLAG

ACECTF{h4h4_y0u'r3_5m4r7}