RED - Forensics Challenge Writeup (picoCTF)


Category: Forensics
Author: SHUAILIN PAN (LECONJUROR)
Flag Format: picoCTF{FLAG}
Challenge Description: RED, RED, RED, RED
Hint: Check whatever Facebook is called now.
This challenge contains a PNG image named red.png
, with a hint given based on Facebook(now Meta) from which it’s pretty obvious to analyze the metadata to extract the flag hidden within the image.
Provided with an image that reveals nothing suspectable, started off analyzing the metadata and steganography(which is hiding data within other data) as the hint suggested.
Used the zsteg
command which analyzes images to detect hidden data (steg). This revealed a base64 encoded string.
zsteg red.png
I then decoded the string using basic command line tools (echo
, base64
). Which then revealed the flag.
echo "cGljb0NURntyM2RfMXNfdGgzX3VsdDFtNHQzX2N1cjNfZjByXzU0ZG4zNTVffQ==" | base64 -d
Correct Flag
Happy Hacking!!
Subscribe to my newsletter
Read articles from Naresh S directly inside your inbox. Subscribe to the newsletter, and don't miss out.
Written by

Naresh S
Naresh S
CyberSecurity Enthusiast diving into OSINT, Forensics, Crypto and CTFs | Learning One challenge at a time | Vice-President bi0s AVV Nagercoil Campus | President IKS AVV Nagercoil Campus | Sharing my journey, writeups & beginner-friendly insights