CTF Writeup — pingCTF 2021 — Steganography
Michal Biesiada
Posted on November 15, 2023
Hi All,
I was wondering whether to write this article for a while. Why? Because it’s from almost two years ago and in general it’s quite easy (if you know what is going on). Moreover, this time I don’t have to many resources for you…
But, I decided to show you this Challenge, because it’s quite interesting and can be in different forms (keypoint). So I hope it will be useful for you at all. 🎉
First, please keep in mind that there wasn’t any info about keyword here — Steganography. Next, the task/challenge is from pingCTF 2021 (2021-12–19), online form. More info: https://ctftime.org/team/147266/ and https://ctf.knping.pl/ctf
Challenge name: Colors
Description is like here:
Image 1 - pingCTF 2021 — Colors, source: https://ctf.knping.pl/ctf
So, how to say, not so many tips:D but we can see that we have to download some .bmp file. Then, analyze it. ✨
Quick intro: “The BMP file format or bitmap, is a raster graphics image file format used to store bitmap digital images (…)”, source: https://en.wikipedia.org/wiki/BMP_file_format
But, what is ‘Steganography’?
is the practice of representing information within another message or physical object, in such a manner that the presence of the information is not evident to human inspection. In computing/electronic contexts, a computer file, message, image, or video is concealed within another file, message, image, or video.
Source: https://en.wikipedia.org/wiki/Steganography
We can not see any connected with challenge site, all what we have is some file (image).
Let’s take a look there! Result:
Image 2 - pingCTF 2021 — colors.bmp file
My first approach was checking metadata (there you can see usually many interesting things) and how it looks with HEX representation and so on, if I’m not mistaken. That was waste of time (this time)…
Then, I decided to make some of simple changes with mentioned file — changing brightness, contrast and similar. No result.
I decided to use ‘reverse the colors’ feature (using Gimp software) — yeah, the flag is there! 🚩 Result:
Image 3 - pingCTF 2021 — Colors challenge — flag
Quite interesting — as mentioned above/before — the flag was there all the time. The point is, I could not see this. Making changes — visually I can grap the flag finally.
If you will be more familiar with ‘Steganography’ topic — it’s really interesting in my opinion. As mentioned above — it can be connected with music file, with .pcap and other and other.
I hope you enjoy! 🍀
Note: Originally published on Medium
Best wishes,
Posted on November 15, 2023
Join Our Newsletter. No Spam, Only the good stuff.
Sign up to receive the latest update from our blog.