Description
A magician made the seven wonders disappear. But people claim they can still feel their presence in the air.
Download Attachments: havealook.jpg
Approach
First, I checked filetype using file command. Then, I used exiftool to examine the metadata, but nothing interesting was there. Next, I used binwalk to search for any embedded files, and discovered an audio file. I extracted it using the command binwalk --dd=".*".
┌──(kali㉿iasad)-[~/CTFs/VishwaCTF]
└─$ binwalk --dd=".*" havealook.jpg
DECIMAL HEXADECIMAL DESCRIPTION
--------------------------------------------------------------------------------
0 0x0 JPEG image data, JFIF standard 1.01
134855 0x20EC7 Zip archive data, uncompressed size: 219888
323796 0x4F0D4 name: hereissomething.wav
The audio sounded like random noise. However, since it was a steganography challenge, I suspected that there might be a hidden message in the audio. I opened the file in Sonic Visualizer and added a spectrogram layer, which is commonly used for hiding text in audio files. To do this, go to “Pane” menu and select “Add Spectrogram”. As expected, the flag was hidden in the audio file in plaintext and became visible in the spectrogram layer.
Flag: VishwaCTF{n0w_y0u_533_m3}