Hello Everyone!
I’m Tareq from Knight Squad.
Recently we played RCTS CERT CTF 2021. Here I’m going to give you a quick writeup for the challenge named “Maybe the Helper Can Help”. let’s dig into it.
In this challenge we were provided with a jpg image file. I was stuck in this challenge for a long time. I have ran binwalk, foremost, strings, exiftool but didn’t found anything.
After that I got a clue from another ctf player. He told me to bruteforce the password. And I got it. There’s a file inside this image file which has been embed with steghide.
I used stegseek. You can download stegseek from here .
So I ran stegseek & bruteforced for the password with rockyou.txt.
Command : stegseek <file> <wordlist>
The password was rosy. It extracted a txt file which contained base64 encoded data. I just decoded it from base64 twice & got the flag. This was really very exciting challenge for me..
That’s it. Hope you guys enjoyed. Don’t forget to share your feedbacks in the comment section below and stay tuned with us for more interesting challenge walkthroughs.