For this Forensics challenge, we need to download a picture of a moon. The file is available here. After trying to play with colors with Steganabara or Stegsolve to find a hidden text, we change of strategy. We use the
strings command. By the end of the output, we can see a
flag.txt is hidden inside the file.
% strings moon.png ... flag.txtUT *nAb( flag.txtUT)
Let is change the extension of the file to a
zip archive and extract it.
% mv moon.png moon.zip % unzip moon.zip Archive: moon.zip warning [moon.zip]: 411781 extra bytes at beginning or within zipfile (attempting to process anyway) [moon.zip] flag.txt password:
A password is required. After some guessing, we notice that the challenge is titled That’s No Moon. So let is try
moon as a password.
[moon.zip] flag.txt password: extracting: flag.txt
Success! The flag is