CHALLENGE DESCRIPTION SOLUTION After trying some zsteg, exiftool, binwalk, steghide, strings,... and have nothing useful. Let see its content in hex by hexeditor or cyberchef We can see PK, it...

CHALLENGE DESCRIPTION SOLUTION m00nwalk 1 Read hints and do research, we see Apolo use slow-scan tv (sstv). Install tools sudo apt install qsstv && sudo apt install pavucontrol -y run q...

CHALLENGE DESCRIPTION SOLUTION Use Statistics > Protocol Hierarchy to analyze numbers and types of protocol. We can see that lots of UDP here, follow one of them and we can see the stream, wh...

CHALLENGE DESCRIPTION SOLUTION We try to see the file, but there is something inside but we can not see. We search for space character ` ` in the file, and we see that it’s not only space, but ...

CHALLENGE DESCRIPTION It’s the festive season of Diwali, and a newly launched website, Bling-Bling Crackers (a fictional site, inspired by platforms like Amazon and Flipkart), is offering huge disc...

CHALLENGE DESCRIPTION SOLUTION First, we need to download the image. wget http://mercury.picoctf.net:5013/concat_v.png Use zsteg to analyze the image, but we got the error. By doing researc...

CHALLENGE DESCRIPTION SOLUTION First, we use strings to analyze the file, and we see IHDR, search it on Google, and we see PNG file. Using hexeditor to modify hex at 02 03 09 0A 0B But what ...

CHALLENGE DESCRIPTION SOLUTION As we can see in the hint, we will use aircrack to crack the password aircrack-ng wpa-ing_out.pcap -w rockyou.txt

CHALLENGE DESCRIPTION SOLUTION We follow the conversation in the packet. We found the command to decrypt the flag, but we don’t have flag.des3. We know that they transfer the file through port ...

CHALLENGE DESCRIPTION SOLUTION We need to use autopsy to analyze disk sudo autopsy We have id-key to bypass ssh ssh -i key -p 64171 ctf-player@saturn.picoctf.net