search
Personal WebsiteGithubLinkedIn

Tux!

The flag is hidden inside the Penguin! Solve this challenge before solving my 100 point Scope challenge which uses similar techniques as this one.

Tux.jpgarrow-up-right

Let's check the metadata of the image using the exiftool utility.

$ exiftool Tux.jpg
ExifTool Version Number         : 12.40
File Name                       : Tux.jpg
Directory                       : .
File Size                       : 5.6 KiB
File Modification Date/Time     : 2020:07:22 09:33:14+05:30
File Access Date/Time           : 2023:10:09 10:13:06+05:30
File Inode Change Date/Time     : 2023:10:09 10:13:35+05:30
File Permissions                : -rw-r--r--
File Type                       : JPEG
File Type Extension             : jpg
MIME Type                       : image/jpeg
JFIF Version                    : 1.01
Resolution Unit                 : None
X Resolution                    : 1
Y Resolution                    : 1
Comment                         : ICAgICAgUGFzc3dvcmQ6IExpbnV4MTIzNDUK.
Image Width                     : 196
Image Height                    : 216
Encoding Process                : Baseline DCT, Huffman coding
Bits Per Sample                 : 8
Color Components                : 3
Y Cb Cr Sub Sampling            : YCbCr4:2:0 (2 2)
Image Size                      : 196x216
Megapixels                      : 0.042

We can see that the Comment field is encoded using Base64. We can use Cyberchef to decode it.

So the Comment was a password. But we don't have anything to unlock yet.

The binwalk utility is used for searching a given binary image for embedded files and executable code,

Let's check what embedded files were extracted.

We can cd _tux.jpg.extracted and check what's in there.

  • So there is a ZIP file that we need to extract. This is where the password that we decrypted becomes useful.

  • Now all we have to do is cat the flag.

hashtag
Flag

Last updated