CTFHub

Writeup

Panda

发表于 更新于 分类于
Challenge | 2020 | CSICTF | Forensics | Panda

点击此处获得更好的阅读体验

WriteUp来源

https://dunsp4rce.github.io/csictf-2020/forensics/2020/07/22/Panda.html

by AnandSaminathan

题目描述

I wanted to send this file to AJ1479 but I did not want anyone else to see what's inside it, so I protected it with a pin.

题目考点

解题思路

The given zip file is password protected, which can be cracked using fcrackzip or john:

1
fcrackzip -v -u -D -p rockyou.txt panda.zip

The password was 2611. After extracting the zip file using the password, we got two images, one was the messed up version of the other. On analysing using xxd, it was clear that some parts of the original image was replaced in the messed up image (with the flag). A simple Go program which prints the changed bytes (the flag):

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
package main
import (
  "io/ioutil"
  "fmt"
)
func main() {
  corrupted, err1 := ioutil.ReadFile("panda1.jpg")
  original, err2 := ioutil.ReadFile("panda.jpg")
  if err1 != nil || err2 != nil {
    fmt.Printf("Error loading the files")
  }
  for i, cur := range original {
    if cur != corrupted[i] {
      fmt.Printf("%c", corrupted[i])
    }
  }
  return
}

Flag

1
csictf{kung_fu_p4nd4}