Challenge LAB: MISC
Difficulty: Easy
“A strange file has been discovered in Stephen Hawking’s computer. Can you discover what it is?”
After downloading the zip file and unzipping it, we can see that there is another zip file containing a file without extension “hawcking”. So by using the command “file hawcking” we can see that it is a file of type “JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, baseline, precision 8, 794x579, components 3”
The first thing to do to be able to see the image is to rename the file and add an image extension using the command “mv hawking hawking.png”
Looks like a stenography challenge hmm !
I ran steghide using the command “steghide extract -sf hawking.jpg”
and its asking for a passphrase… I tried basic passes and luckily “hawking” worked, otherwise I searched on google if there was a tool for bruteforce the passphrase and I found this one that looked not bad.
Now we get a file called flag.txt. On opening the file it appears to be base64 encodeded.
I base64 decoded the file twice and there it looks like the text is in the form of a cipher
By analyzing the text with a cipher identifier we see that it is in the form of Caesar cipher.
After Knowing what cipher text it was, it was time to decode it. I recommend this online tool for decoding ciphers. It has really worked for me every time i’ll leave a link below.
At -14 shift we get decode the text to plain engish.
Boom we have our flag !!!!
I hope you enjoyed, it’s a pretty easy MISC challenge but it was fun to do it !!!
Happy Hacking ❤
