Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- Watchword (250 Points)
- -------------------
- The problem gives us an mp4 file called powpow.mp4. Opening up the file in a hex editor, we notice that the file ends in the bytes "49 45 4E 44 AE 42 60 82", which happens to be the footer signature for a PNG. Hmmmmm, that's not supposed to happen. Searching the file for the PNG header bytes "89 50 4E 47", we realize that there is indeed a PNG hidden in the file. Copying all the bytes from the PNG into a new file, we get a picture of a bag of oreos. The hint for the problem points us to http://domnit.org/stepic/doc/, which uses least significant bits to hide data. Running this on the image, we get a jpeg.
- Going back to the original video, we notice that it's titled is "aHR0cDovL3N0ZWdoaWRlLnNvdXJjZWZvcmdlLm5ldC8=", which translates to http://steghide.sourceforge.net/ in base64. The problem also tells us that password = password, so we run this new jpeg file through steghide, using password as the password. This gives us a file called base64.txt, which contains a long string of characters: "W^7?+dsk&3VRB_4W^-?2X=QYIEFgDfAYpQ4AZBT9VQg%9AZBu9Wh@|fWgua4Wgup0ZeeU}c_3kTVQXa}eE". The hint tells us to use the python3 base64 module. Looking at the python docs, we find a function in base64 called b85decode. Running this on the string, we get the flag.
- flag: flag{We are fsociety, we are finally free, we are finally awake!}
Add Comment
Please, Sign In to add comment
