Scribd
Upload
137 views31 pages

TryHackMe CTF CHallenge On Steganography & Cryptography

This document provides a comprehensive walkthrough of the TryHackMe Catch The Flag (CTF) challenge, detailing 20 tasks that test various skills in cryptography and steganography. Each task is designed to help participants capture flags through different techniques and tools, culminating in a successful completion of the challenge. The report serves as an educational resource for penetration testing practices and cybersecurity skills enhancement.

Uploaded by

Ahlam Boumehdi
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
137 views31 pages

TryHackMe CTF CHallenge On Steganography & Cryptography

This document provides a comprehensive walkthrough of the TryHackMe Catch The Flag (CTF) challenge, detailing 20 tasks that test various skills in cryptography and steganography. Each task is designed to help participants capture flags through different techniques and tools, culminating in a successful completion of the challenge. The report serves as an educational resource for penetration testing practices and cybersecurity skills enhancement.

Uploaded by

Ahlam Boumehdi
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 31

Catch The Flag

Original Author: Dheeraj Gupta


Michael Tchuindjang Credits to Hacking Articles

Table of Contents

Abstract ............................................................................................................................................ 3
[TASK 1] Author note......................................................................................................... 4
[TASK 2] What does the base say? ................................................................................. 4
[TASK 3] Meta meta............................................................................................................ 5
[TASK 4] Mon, are we going to be okay? ..................................................................... 7
[TASK 5] Erm……Magick ..................................................................................................... 8
[TASK 6] QRrrrr ................................................................................................................. 10
[TASK 7] Reverse it or read it? ..................................................................................... 11
[ Task 8 ] Another decoding stuff ................................................................................ 12
[Task 9 ] Left or right ...................................................................................................... 12
[Task 10] Make a comment ............................................................................................ 14
[TASK 11] Can you fix it?? .............................................................................................. 16
[TASK 12] Read it .............................................................................................................. 17
[TASK 13] Spin my head.................................................................................................. 19
[TASK 14] An exclusive!.................................................................................................. 21
[TASK 15] Binary walk ..................................................................................................... 22
[TASK 16] Darkness .......................................................................................................... 23
[TASK 17] A sounding QR ................................................................................................ 24
[TASK 18] Dig up the past .............................................................................................. 25
[TASK 19] Uncrackable.................................................................................................... 26
[TASK 21] Read the packet ............................................................................................ 29
Conclusion ...................................................................................................................................... 31
References ..................................................................................................................................... 31

Page | 2
Michael Tchuindjang Credits to Hacking Articles

Abstract
This report will provide a walkthrough of another popular TryHackMe Catch The
Flag (CTF) challenge. The main objective of the challenge is to test your CTF
skills, the challenge consists of 20 tasks that require you to stay calm and capture
the flag.
This CTF challenge called “CTF collection Vol.1” is available at TryHackMe for
penetration testing practice. This lab is not difficult if we have the right basic
knowledge of cryptography and steganography.
Disclaimer: This report is provided for educational and informational
purpose only (Penetration Testing). Penetration Testing refers to legal
intrusion tests that aim to identify vulnerabilities and improve cybersecurity,
rather than for malicious purposes.

Page | 3
Michael Tchuindjang Credits to Hacking Articles

[TASK 1] Author note

This task just provides information about this CTF challenge.

[TASK 2] What does the base say?

In this task, we can conveniently recognize that the value is base64 encoded. We will then
attempt to decode it using the base64 decoder.

Page | 4
Michael Tchuindjang Credits to Hacking Articles

And there is how we got our 2nd flag easily.

[TASK 3] Meta meta

Page | 5
Michael Tchuindjang Credits to Hacking Articles

As the role name itself specifies the term meta, therefore, we are clear that here we have to
take out the metadata of the image. Thereby we’ve used the EXIF tool as it is the most
powerful one.

exiftool findme.jpg /root/Downloads/Findme.jpg

Page | 6
Michael Tchuindjang Credits to Hacking Articles

And as expected we get our 3rdflag in the metadata of the file stating in the parameter of
owner name.

[TASK 4] Mon, are we going to be okay?

Page | 7
Michael Tchuindjang Credits to Hacking Articles

This task was based on steganography because in the task description they are indicating that
“something is hiding” where it’s gone fishy, moreover there is one file to download.

So, here we thought they are talking about steganography and decided to use steghide.

steghide extract –sf /root/Downloads/Extinction.jpg

But interestingly we got another file bind within it when we used to extract the data from the
image. And here our arrow goes on point!! We got our 4th flag in this text file.

[TASK 5] Erm……Magick

Page | 8
Michael Tchuindjang Credits to Hacking Articles

This task was interested and easiest one. Here we got a bit stuck as there was no file or not no
clue from there. So, then we decided to see hints and thus it drops

So, the thing that comes to mind is that check the code and when we inspected the element,
we got the flag directly over there, or alternately we can also get the flag by highlighting the
phrase.

Page | 9
Michael Tchuindjang Credits to Hacking Articles

[TASK 6] QRrrrr

This was the simplest one since the title indicates QR” and it was a QR picture when we
downloaded the file. So, we already know that the next move is to scan the code.

AND BOOM!! We got our flag only after scanning it.

Page | 10
Michael Tchuindjang Credits to Hacking Articles

[TASK 7] Reverse it or read it?

In this task, we should only know about the command to open the elf file (a type of .exe). As
soon as we open the file with the following command, we got the flag listed.

strings hello.hello

Page | 11
Michael Tchuindjang Credits to Hacking Articles

[ Task 8 ] Another decoding stuff

Here, as it says, it is a decoding task which is like most of the cryptography challenges. And
we were also led to the base58 algorithm as clues, so we use the online base58 decoder
directly.

And within a second We got our 8th flag by just decoding it.

[Task 9 ] Left or right

Page | 12
Michael Tchuindjang Credits to Hacking Articles

We all need a basic presence of mind in this task as it explains that it is a rot 13 algorithm
that is a special case of Ceaser cipher encryption technique in which we replace the plain
character with the next 13th letter.

Page | 13
Michael Tchuindjang Credits to Hacking Articles

So, here we tried rot13 decoder but it didn’t work, so here our next step was to brute force on
shift that is 14,15,16 and so on, as this is all about Ceaser cipher substitute

And we got our flag on the 7th shift

[Task 10] Make a comment

Page | 14
Michael Tchuindjang Credits to Hacking Articles

This assignment was the same as Task 5. There was no encoding and no files. So here we
thought performing the same steps of task 5 because this task was looking alike as task 5 –
No file, No clue in the title. So, here we had to do the inspection again and look for our flag.

And luckily, we received our 10th flag after looking for a while.

Page | 15
Michael Tchuindjang Credits to Hacking Articles

[TASK 11] Can you fix it??

This was the most interesting task of the entire lab. As there was a corrupted png but so here
we tried to extract the hexadecimal code of that image but after studying a while, we found
that its magic numbers vary from the regular magic number.

Magic numbers are initial 8 characters or numbers in hexadecimal code of any file.

So, as we searched on google and we found that the standard magic numbers of the png
image are 89 50 4E 47

We have to just replace it.

Page | 16
Michael Tchuindjang Credits to Hacking Articles

Now our last step is to render the image from updated hexadecimal code which we did use
cyber chef where we have to render the image from updated code

And hence we got our 11th flag in the image.

[TASK 12] Read it

Page | 17
Michael Tchuindjang Credits to Hacking Articles

In this task, our flag is present on the social media account of tryhackme. But our confusion
was to explore on which platform either Twitter or something else.

But provided hint cleared it for us. So here we got a chance to explore our google dork
technique. And the perfect dork came to be

inurl:"reddit.com" &intext:"THM" & intitle:"tryhackme"

After going through it we can easily spot our flag where the flag was hidden in the image

Page | 18
Michael Tchuindjang Credits to Hacking Articles

[TASK 13] Spin my head

Page | 19
Michael Tchuindjang Credits to Hacking Articles

This task was spinning my mind as it told me to decode it but we were clueless about it that’s
why we had to go for a hint, and they indicated to its “BINARYFUCK”

So, we directly go to binaryfuck decoder and hence we got our 13th flag just by decoding it.

Page | 20
Michael Tchuindjang Credits to Hacking Articles

[TASK 14] An exclusive!

In this task, we got 2 strings but we didn’t know what to do with these strings but our saviour
hint shows to XOR these strings.

Now we can relate exclusive and XOR.

Page | 21
Michael Tchuindjang Credits to Hacking Articles

So, we can do it easily, as many tools are available online. And we got our 14th flag without
effort.

[TASK 15] Binary walk

Page | 22
Michael Tchuindjang Credits to Hacking Articles

As this task name suggests a binary walk and clue also directed us to binwalk, it is a tool
binwalk that is helpful in steganography. But it is only used to extract the hidden file from the
images.

So, we extracted files from jpg and found one txt file. And thus, we got our 15th flag in this
file.

[TASK 16] Darkness

Page | 23
Michael Tchuindjang Credits to Hacking Articles

In this task our hint is stegsolve. Stegsolve is a steganographic image analyzer, solver, and
data extractor.

We have to evaluate our image by filtering various colours in an image using stegsolve. We
can download stegsolve with these terminal commands

wget http://www.caesum.com/handbook/Stegsolve.jar -O stegsolve.jar


chmod +x stegsolve.jar

Now just we have to open the image with the stegsolve

In the first go, it is just the black image but we have to constantly analyze the image under
different colours so the odd one can shine out like this.

And hence we got our 16th flag

[TASK 17] A sounding QR

This task is quite similar to task 6. In this task, we got a QR image and we will scan it and
fetch information from there.

But interestingly we got a link over there which redirects to an audio link

Page | 24
Michael Tchuindjang Credits to Hacking Articles

But after listening to it carefully in slow motion we got our 17th flag.

[TASK 18] Dig up the past

Page | 25
Michael Tchuindjang Credits to Hacking Articles

In this task as a title relates to the past the only thing that pops up in our mind is the Wayback
machine and the time and date in the description make our doubt clear.

So, for checking past captures or archives of any site we can use the Wayback Machine. After
analyzing the output, we can see there is a capture of the website on 2nd Jan 2020

But when we visited that website, we got our 18th flag.

[TASK 19] Uncrackable

We have an embedded text in this role so that we can attempt to decipher it. So, we tried it
with Ceaser cipher and several other methods, but we get to know this from clues that this is
vigenere cipher.

Page | 26
Michael Tchuindjang Credits to Hacking Articles

But now the problem begins because while decoding it we require a key.

So there is a strange thing that we can notice is all flags are in the format of THM{………}
but in this task flag format is TRYHACKME{………} that’s why we used it as a key and got
another encoded value.

It looks like we found another constant THMTHMTHM. Now we can either attempt to
decrypt consecutively using the same key that is TRYHACKME or we can also use
THMTHMTHM as a key to decode MYKAHODTQ{RVG YVGGK FAL WXF}

But we got our 19th flag by using THMTHMTHM as a key.

[TASK 20] Small bases

Page | 27
Michael Tchuindjang Credits to Hacking Articles

This task was also of cryptography. In this task, the hints say (dec-> hex -> ASCII) we have
to simply follow these tips that are converting decimal to hex first

Then Hex to ASCII

Page | 28
Michael Tchuindjang Credits to Hacking Articles

And hence we got our 20th flag

[TASK 21] Read the packet

Page | 29
Michael Tchuindjang Credits to Hacking Articles

In this task when we download the file it’s a pcapfile. So, it cleared that it’s a Wireshark file

And as the task name suggests we have to read any packet which is in any packet so after
applying many filters and searching we get to the request over which flag.txt has been sent so
we have to just open up that file with the help of stream.

Page | 30
Michael Tchuindjang Credits to Hacking Articles

And here we go we secured our last flag.

MISSION ACCOMPLISHED!!

Conclusion
Hence, one can make use of these commands as a cybersecurity professional to
assess vulnerabilities on systems and keep these systems away from threat.

References
• https://www.hackingarticles.in/ctf-collection-vol-1-tryhackme-walkthrough/
• https://tryhackme.com/room/ctfcollectionvol1

Page | 31

You might also like