Description
My friend wanted to install an antivirus for his computer, but the creator of the antivirus was caught! Download Attachments: AV.gif
Approach
Got no success with tools such as strings, binwalk, and stegsolve, I decided to inspect the metadata using exiftool, where I found this.
┌──(kali㉿iasad)-[~/CTFs/VishwaCTF]
└─$ exiftool AV.gif
ExifTool Version Number : 12.57
File Name : AV.gif
Directory : .
File Size : 1112 kB
File Modification Date/Time : 2023:03:31 07:10:45-04:00
File Access Date/Time : 2023:04:02 09:04:34-04:00
File Inode Change Date/Time : 2023:03:31 07:10:52-04:00
File Permissions : -rw-r--r--
File Type : GIF
File Type Extension : gif
MIME Type : image/gif
GIF Version : 89a
Image Width : 498
Image Height : 498
Has Color Map : Yes
Color Resolution Depth : 8
Bits Per Pixel : 8
Background Color : 0
Animation Iterations : Infinite
Comment : dmlzaHdhQ1RGe3ByMDczYzdfdXJfM1gxRn0=
Frame Count : 17
Duration : 2.04 s
Image Size : 498x498
Megapixels : 0.248
Decoded the base64 and got the flag
┌──(kali㉿iasad)-[~/CTFs/VishwaCTF]
└─$ echo "dmlzaHdhQ1RGe3ByMDczYzdfdXJfM1gxRn0=" | base64 -d
vishwaCTF{pr073c7_ur_3X1F}
Flag: vishwaCTF{pr073c7_ur_3X1F}