challenge info  
Name: Gautemala
Category: steganography
Difficulty: Easy
Points: 200
Link:

 

Description

My friend wanted to install an antivirus for his computer, but the creator of the antivirus was caught! Download Attachments: AV.gif

Approach

Got no success with tools such as strings, binwalk, and stegsolve, I decided to inspect the metadata using exiftool, where I found this.

┌──(kali㉿iasad)-[~/CTFs/VishwaCTF]
└─$ exiftool AV.gif 
ExifTool Version Number         : 12.57
File Name                       : AV.gif
Directory                       : .
File Size                       : 1112 kB
File Modification Date/Time     : 2023:03:31 07:10:45-04:00
File Access Date/Time           : 2023:04:02 09:04:34-04:00
File Inode Change Date/Time     : 2023:03:31 07:10:52-04:00
File Permissions                : -rw-r--r--
File Type                       : GIF
File Type Extension             : gif
MIME Type                       : image/gif
GIF Version                     : 89a
Image Width                     : 498
Image Height                    : 498
Has Color Map                   : Yes
Color Resolution Depth          : 8
Bits Per Pixel                  : 8
Background Color                : 0
Animation Iterations            : Infinite
Comment                         : dmlzaHdhQ1RGe3ByMDczYzdfdXJfM1gxRn0=
Frame Count                     : 17
Duration                        : 2.04 s
Image Size                      : 498x498
Megapixels                      : 0.248

 

Decoded the base64 and got the flag

┌──(kali㉿iasad)-[~/CTFs/VishwaCTF]
└─$ echo "dmlzaHdhQ1RGe3ByMDczYzdfdXJfM1gxRn0=" | base64 -d

vishwaCTF{pr073c7_ur_3X1F}

 


Flag: vishwaCTF{pr073c7_ur_3X1F}