diff --git a/forensics/hidden_in_plain_sight/flag.txt b/forensics/hidden_in_plain_sight/flag.txt new file mode 100644 index 0000000..8ca0ed0 --- /dev/null +++ b/forensics/hidden_in_plain_sight/flag.txt @@ -0,0 +1 @@ +picoCTF{h1dd3n_1n_1m4g3_92f08d7c} diff --git a/forensics/hidden_in_plain_sight/img.jpg b/forensics/hidden_in_plain_sight/img.jpg new file mode 100644 index 0000000..137dcc9 Binary files /dev/null and b/forensics/hidden_in_plain_sight/img.jpg differ diff --git a/forensics/hidden_in_plain_sight/solve.sh b/forensics/hidden_in_plain_sight/solve.sh new file mode 100755 index 0000000..33f0a31 --- /dev/null +++ b/forensics/hidden_in_plain_sight/solve.sh @@ -0,0 +1,7 @@ +#!/usr/bin/env nix-shell +#!nix-shell -i bash -p mediainfo jq gnused steghide + +steghide_password="$(mediainfo --Output=JSON img.jpg | jq -r '.media.track[0].Comment' | base64 -d | sed 's/steghide://' | base64 -d)" + +steghide extract --stegofile img.jpg --passphrase "$steghide_password" +