ASCyberWargames2020 Qualifications | MeowNetwork | Forensics Challenge Writeup
In this post, I am going to walk you through a Forensics CTF challenge from Arab Security Cyber Wargames 2020 Qualifications, Hope you enjoy reading!
MeowNetwork | 300 points
First of all, Let’s download the File and check the description of the challenge.
Challenge Description :
A hacker managed to get into meownetwork and leaked sensitive files of their respected baord members. The hacker uses ancient floppy disk technology, however, our security team managed to get a disk image of the files he leaked. Can you find out what really leaked?
The first look, This is a RAR file, Extracting files is Easy, Let’s take a look at it!
hmmmm let’s run Binwalk to get the data stored in this disk!
Great, they are JPEG images, let’s make sure that they are images
Okay, let’s add the JPEG extension.
Then I tried playing with Steghide tool to extract the hidden data from the images, But you know, Steghide needs a password, First I tried without any passwords, and it works!
So, Let’s extract the hidden data from all images
Now we have 5 text files with some type of base64 encoding,
I checked the first one with CyberChef and here is the result
As expected, this is a base64 encoded image, So we should concatenate all the five text file to one file and decode it to get the resulting image
let’s Go decode it with this website, and we Got the image!
Let’s Download it and check again with steghide if it contains some other files!
I tried without any passwords like the first time but this time needs a real password!
Any other files to check?
- no!
So?
-soo!
let’s Crack!
Using StegCracker tool with rockyou password list and see if we can get some juicy stuff
Got it !!! let’s try this password with the image we generated
And we captured the Flag!
Team: b3y0nd
Rank: 8 — Qualified to finals!
I’m Asem Eleraky, AKA Melotover!
Thanks For Reading,
