HTB ~~ Stego Challenges ~~ Widescreen [owned]


Overview

Type : Easy
Owned : Yes 8-)
Retired : Yes
Added : 2017-07-26

Someone has leaked pictures of our unreleased movie.
Can you help identify him? 

1 file:

Solution

Test 1: binwalk

user@VM:/mnt/c/Users/didier/Documents/HTB/Stego/VERT/Widescreen$ binwalk -e widescreen.png

DECIMAL       HEXADECIMAL     DESCRIPTION
--------------------------------------------------------------------------------
0             0x0             PNG image, 628 x 281, 8-bit/color RGB, non-interlaced
85            0x55            Zlib compressed data, best compression
2757          0xAC5           Zlib compressed data, best compression

At first glance, nothing conclusive here.

Test 2: hexdump

Nothing visible there either.

Test 3: steghide

steghide extract -sf widescreen.png
steghide: the file format of the file "widescreen.png" is not supported.

Test 4: pngcheck

user@VM:/mnt/c/Users/didier/Documents/HTB/Stego/VERT/Widescreen$ pngcheck -vt widescreen.png
File: widescreen.png (194272 bytes)
  chunk IHDR at offset 0x0000c, length 13
    628 x 281 image, 24-bit RGB, non-interlaced
  chunk pHYs at offset 0x00025, length 9: 2835x2835 pixels/meter (72 dpi)
  chunk iCCP at offset 0x0003a, length 2639
    profile name = Photoshop ICC profile, compression method = 0 (deflate)
    compressed profile = 2616 bytes
  chunk cHRM at offset 0x00a95, length 32
    White x = 0.31269 y = 0.32899,  Red x = 0.63999 y = 0.33001
    Green x = 0.3 y = 0.6,  Blue x = 0.15 y = 0.05999
  chunk IDAT at offset 0x00ac1, length 191499
    zlib: deflated, 32K window, maximum compression
  chunk IEND at offset 0x2f6d8, length 0
No errors detected in widescreen.png (6 chunks, 63.3% compression).

Still nothing.

Test 5: zsteg

user@VM:/mnt/c/Users/didier/Documents/HTB/Stego/VERT/Widescreen$ zsteg widescreen.png
/usr/lib/ruby/2.5.0/open3.rb:199: warning: Insecure world writable dir /mnt/c in PATH, mode 040777
imagedata           .. file: VAX-order 68K Blit (standalone) executable
b1,r,lsb,xy         .. text: "'_PtlO6\\"
b1,r,msb,xy         .. text: "95wLHNt c"
b2,r,msb,xy         .. file: PGP\011Secret Sub-key -
b3,b,lsb,xy         .. text: "VRnI$i4I$"
b3,bgr,lsb,xy       .. text: " L6al(^ur"
b4,r,lsb,xy         .. text: "ufwuUut4332!#2"
b4,g,lsb,xy         .. text: "eC3EUB%TEeUVeVB3DVfVeeDDEW"
b4,b,lsb,xy         .. text: "24T35TE1\"3DDD2#!"
b4,rgb,lsb,xy       .. text: "gVuGTt5!R"
b4,bgr,lsb,xy       .. text: "i4q%#b64sGEteFTeEte6rT&3T$1C"
user@VM:/mnt/c/Users/didier/Documents/HTB/Stego/VERT/Widescreen$

Still nothing.

Test 6: StegSolve

StegSolve is a Java application (“StegSolve 1.3 by Caseum”; a .jar file).

Open the file, then click the right arrow a number of times.

In “Red Plane 1” mode the password appears clearly: “HTB{c3r34l_k1ll3r}”.

Bingo 8-)
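The StegSolve step can be reproduced without the GUI. The following is an added example, not part of the original write-up: it decodes an 8-bit RGB, non-interlaced PNG (the format pngcheck reports above) with the Python standard library only and renders a single bit of a single colour channel as text. It assumes that StegSolve's “Red Plane 1” is bit 1 of the red channel; the function names and the sample image are constructed for the illustration.

```python
import struct, zlib

def chunk(kind, data):
    """Serialize one PNG chunk: length, type, data, CRC-32."""
    return struct.pack(">I", len(data)) + kind + data + struct.pack(">I", zlib.crc32(kind + data))

def make_png(width, height, scanlines):
    """Wrap filtered scanline bytes in a minimal 8-bit RGB PNG (used for the sample)."""
    ihdr = struct.pack(">IIBBBBB", width, height, 8, 2, 0, 0, 0)
    return (b"\x89PNG\r\n\x1a\n" + chunk(b"IHDR", ihdr)
            + chunk(b"IDAT", zlib.compress(scanlines)) + chunk(b"IEND", b""))

def read_rgb8(png):
    """Decode an 8-bit RGB, non-interlaced PNG into rows of raw R,G,B bytes."""
    if png[:8] != b"\x89PNG\r\n\x1a\n":
        raise ValueError("not a PNG")
    pos, idat = 8, b""
    while pos < len(png):
        length, kind = struct.unpack(">I4s", png[pos:pos + 8])
        data = png[pos + 8:pos + 8 + length]
        if kind == b"IHDR":
            width, height, depth, ctype, _, _, lace = struct.unpack(">IIBBBBB", data)
            if (depth, ctype, lace) != (8, 2, 0):
                raise ValueError("only 8-bit RGB, non-interlaced is handled")
        elif kind == b"IDAT":
            idat += data  # all IDAT chunks together form one zlib stream
        pos += 12 + length
    raw, stride, rows, prev = zlib.decompress(idat), width * 3, [], bytearray(width * 3)
    for start in range(0, height * (stride + 1), stride + 1):
        ftype, line = raw[start], bytearray(raw[start + 1:start + 1 + stride])
        for i in range(stride):  # undo the scanline filter; a=left, b=up, c=up-left
            a, b, c = (line[i - 3], prev[i], prev[i - 3]) if i >= 3 else (0, prev[i], 0)
            pa, pb, pc = abs(b - c), abs(a - c), abs(a + b - 2 * c)
            paeth = a if pa <= pb and pa <= pc else (b if pb <= pc else c)
            line[i] = (line[i] + (0, a, b, (a + b) // 2, paeth)[ftype]) & 0xFF
        rows.append(line)
        prev = line
    return width, height, rows

def bit_plane(rows, channel, bit):
    """Render one bit of one channel (0=R, 1=G, 2=B) as text, '#' where the bit is set."""
    return ["".join(".#"[row[x + channel] >> bit & 1] for x in range(0, len(row), 3)) for row in rows]

# Constructed sample (not the challenge image): a flat colour whose red bit 1 carries a pattern.
PATTERN = ["#.#.###", "###..#.", "#.#.###"]
SAMPLE = make_png(7, 3, b"".join(
    b"\x00" + bytes(v for ch in row for v in (200 | 2 * (ch == "#"), 120, 40)) for row in PATTERN))

if __name__ == "__main__":
    print("\n".join(bit_plane(read_rgb8(SAMPLE)[2], 0, 1)))
```

To look at a real file, pass its bytes to `read_rgb8` and loop `bit_plane` over the three channels and bits 0 to 7, which is what stepping through StegSolve's planes does for an RGB image.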

FLAG

HTB{c3r34l_k1ll3r}