Skip to content
Startseite » picoCTF information

picoCTF information

Let’s solve the information challenge on picoCTF.

This time you get a file called “cat.jpg” and the description says that “Files can always be changed in a secret way.”

So let’s display the contents of the file. Since I use Ubuntu as operating system, I therefore use “Eye of GNOME”, the Ubuntu standard image viewer. On the first look, there is nothing outstanding special with this image. A kitten lying on the keyboard of a laptop. No flags anywhere shown in the image. But since the challenge description says that something is changed in a secret way, let’s take a look at the image properties.

At the row ‘cc:license’ there is a suspicious string. cGljb0NURnt0aGVfbTN0YWRhdGFfMXNfbW9kaWZpZWR9

The well-trained eye notices a base64 encoding here so take a look what is hiding behind. Open a terminal window and decode the base64 encoded string by piping it with ‘echo’ to ‘base64’ (as expected the option ‘-d’ stands for ‘decode’).

$ echo cGljb0NURnt0aGVfbTN0YWRhdGFfMXNfbW9kaWZpZWR9 | base64 -d

Congratulations. You’ve got another flag.

Leave a Reply

Your email address will not be published. Required fields are marked *