Panda
by AnandSaminathan
I wanted to send this file to AJ1479 but I did not want anyone else to see what’s inside it, so I protected it with a pin.
Files
Solution
The given zip file is password protected, which can be cracked using fcrackzip
or john
:
fcrackzip -v -u -D -p rockyou.txt panda.zip
The password was 2611
. After extracting the zip file using the password, we got two images, one was the messed up version of the other. On analysing using xxd
, it was clear that some parts of the original image was replaced in the messed up image (with the flag). A simple Go program which prints the changed bytes (the flag):
package main
import (
"io/ioutil"
"fmt"
)
func main() {
corrupted, err1 := ioutil.ReadFile("panda1.jpg")
original, err2 := ioutil.ReadFile("panda.jpg")
if err1 != nil || err2 != nil {
fmt.Printf("Error loading the files")
}
for i, cur := range original {
if cur != corrupted[i] {
fmt.Printf("%c", corrupted[i])
}
}
return
}
Flag
csictf{kung_fu_p4nd4}