Forensics
Last updated
Was this helpful?
Last updated
Was this helpful?
Description
This contains more than it seems. Hint: What is a hex editor?
Solution
Being the most basic flag I assumed it would have the flag in the file in plain text but after the image. I used a simple command and the last line printed out the flag. strings garden.jpg
Flag: picoCTF{more_than_m33ts_the_3y3657BaB2C}
Description
Find the flag in this .
Solution
Gave hint of the title "meta" so I used the built-in tool
Flag: picoCTF{s0_m3ta_fec06741}
Description
We found this . Recover the flag.
Solution
a
Flag:
Description
Solution
Either by trying to open, using the file flag.txt command, or hex editor flag.txt the conclusion is the same. It is a PNG file.
Flag: picoCTF{now_you_know_about_extensions}
Description
Solution
Flag: picoCTF{h1d1ng_1n_th3_b1t5}
Description
Solution
a
Flag:
Description
Solution
I know the file is filled with spaces but looking through hex editor it isn't spaces but more of other types of hex that are not viewable. I noticed it was a "." and " " pattern denoting 1's and 0's with hex "E2", "80", "83", and "20". Hmmm 4 but only needed 2... You can notice that the two patterns are E28083 and 20. Taking that and converting the bits in the file gets a bunch of 10 which goes to ASCII flag.
Output
00001010000010010000100101110000011010010110001101101111010000110101010001000110000010100000101000001001000010010101001101000101010001010010000001010000010101010100001001001100010010010100001100100000010100100100010101000011010011110101001001000100010100110010000000100110001000000100001001000001010000110100101101000111010100100100111101010101010011100100010000100000010100100100010101010000010011110101001001010100000010100000100100001001001101010011000000110000001100000010000001000110011011110111001001100010011001010111001100100000010000010111011001100101001011000010000001010000011010010111010001110100011100110110001001110101011100100110011101101000001011000010000001010000010000010010000000110001001101010011001000110001001100110000101000001001000010010111000001101001011000110110111101000011010101000100011001111011011011100110111101110100010111110110000101101100011011000101111101110011011100000110000101100011011001010111001101011111011000010111001001100101010111110110001101110010011001010110000101110100011001010110010001011111011001010111000101110101011000010110110001011111011000110011010100110100011001100011001000110111011000110110010000110000001101010110001100110010001100010011100000111001011001100011100000110001001101000011011101100011011000110011011001100110001101010110010001100101011000100011001001100101001101010011011001111101000010100000100100001001 picoCTF SEE PUBLIC RECORDS & BACKGROUND REPORT 5000 Forbes Ave, Pittsburgh, PA 15213 picoCTF{not_all_spaces_are_created_equal_c54f27cd05c2189f8147cc6f5deb2e56}
Flag: picoCTF{not_all_spaces_are_created_equal_c54f27cd05c2189f8147cc6f5deb2e56}
Description
Solution
a
Flag:
Description
Solution
a
Flag:
Description
Solution
a
Flag:
Description
Solution
a
Flag:
Description
Solution
a
Flag:
Description
Solution
a
Flag:
Description
Solution
a
Flag:
Description
Solution
a
Flag:
Description
Solution
a
Flag:
Description
Solution
a
Flag:
Description
Solution
a
Flag:
Description
Solution
a
Flag:
Description
Solution
a
Flag:
Description
Solution
a
Flag:
This is a really weird text file ? Can you find the flag?
There's something in the . Can you retrieve the flag?
Using this decoder function to find the flag.
Decode this from the moon.
I stopped using YellowPages and moved onto WhitePages... but is all blank!
We found this . Recover the flag.
This got tarred a lot.
Revisit the last transmission. We think this contains a hidden message. There are also some clues , , .
We have recovered a and an . See what you can make of it. There should be a flag somewhere.
We found this . Recover the flag that was pilfered from the network.
We have recovered a and an See what you can make of it. There should be a flag somewhere.
We have recovered a and a few images: , , . See what you can make of it. There should be a flag somewhere.
We found this and . Recover the flag.
We have recovered a and 5 images: , , , , . See what you can make of it. There should be a flag somewhere.
We have recovered a and an See what you can make of it. There should be a flag somewhere.
We found this and . Recover the flag.
We have recovered a and 1 file: . See what you can make of it. NOTE: The flag is not in the normal picoCTF{XXX} format.
We have recovered a and 1 file: . See what you can make of it. NOTE: The flag is not in the normal picoCTF{XXX} format.
Here's a .