Post

TJCTF 2022

Posted
Preview Image
By Oste
2 min read

Yow. Welcome to this week’s writeup. Over the weekend i got a chance to participate in the TJCTF 2022 CTF where i played with my team fr334aks-Mini. The CTF was jeopardy style running for 48hrs with challenges ranging from crypto, misc, pwn, rev, web & forensics. For the purpose of this writeup, i will be focussing on the forensic category where there were 4 challenges. With that said, lets get started.

spongebob

TJCTF is really cool and spongebob thinks so too. So cool in fact…wait a minute, isn’t the meme usually 4 squares???

In this challenge, you are presented with an image which contains 3 squares and a 4th incomplete square. In order to solve this challenge, we can basically tweak the image height with a tool like TweakPNG.

image

Once you open the tool, load the image and double click on IHDR and modify the image height as shown below.

IHDR is the first chunk in a PNG image, and it includes all of the details about the type of the image: its height and width, pixel depth, compression and filtering methods, interlacing method, whether it has an alpha (transparency) channel, and whether it’s a truecolor, grayscale, or colormapped (palette) image. ~Source oreilly - Chapter 8. PNG Basics

image

Hit ctrl + s to save the changes. If you now look at the new image, you’ll clear see the 4th square containing the flag.

image

tjctf{such_pogg3rs_ctf}

fake-geoguessr

We don’t do guess challs here at TJCTF, so that means no Geoguessr 😞 Since I took this photo myself, though, you can find out precisely where it was taken, and some Bonus Content™️, from my Camera Model Name to the Circle Of Confusion. Maybe you’ll find a flag there?

This challenge was relatively easy. All you needed to do was use exiftool on the image provided and get two parts of the flag in the Copyright & Comment fields

1
2
3
4
5
6

➜  tjctf exiftool lake.jpg
ExifTool Version Number         : 12.39
File Name                       : lake.jpg
//redacted
Copyright                       : tjctf{thats_a_
Comment                         : lot_of_metadata}

tjctf{thats_a_lot_of_metadata}

cool-school

Wow TJ is such a cool school! This image really captures the vibes. But something seems off about the image…

In this challenge, we are given an image file with a hidden flag innit. You can use a site like StegOnline to transform the image as shown.

image

Alternatively, you can use a command line tool like StegoVeritas to tranform the image

tjctf{l0l_st3g_s0_co0l}

CTF-TIME
TweakPNG exiftool StegoVeritas
This post is licensed under CC BY 4.0 by the author.

Comments powered by Disqus.