I was given a png image and told that there was some data hidden within. If you do a Google searches on PNG files, you will note that you can hide files in it. I opened up the image with a hex editor. Near the bottom of the file, I found 7z, then the words flag.txt. I know, from reading articles, that I can carve files using headers and footers. I knew that the header for a 7z file is 37 7A BC AF 27. I just selected the bytes from that header to the end of the file, copied it onto another sheet in the hex editing program and saved it as a 7z file. I opened up the flag.txt file using the archive manager, and I got the flag. EKSi7MktjOpvwesurw0v
Update: Easier Way: Command line:
7z x 2pngornot2png.png
Then
cat flag.txt
No comments:
Post a Comment