Panda
by AnandSaminathan
I wanted to send this file to AJ1479 but I did not want anyone else to see what’s inside it, so I protected it with a pin.
Files
Solution
The given zip file is password protected, which can be cracked using fcrackzip or john:
fcrackzip -v -u -D -p rockyou.txt panda.zip
The password was 2611. After extracting the zip file using the password, we got two images, one was the messed up version of the other. On analysing using xxd, it was clear that some parts of the original image was replaced in the messed up image (with the flag). A simple Go program which prints the changed bytes (the flag):
package main
import (
"io/ioutil"
"fmt"
)
func main() {
corrupted, err1 := ioutil.ReadFile("panda1.jpg")
original, err2 := ioutil.ReadFile("panda.jpg")
if err1 != nil || err2 != nil {
fmt.Printf("Error loading the files")
}
for i, cur := range original {
if cur != corrupted[i] {
fmt.Printf("%c", corrupted[i])
}
}
return
}
Flag
csictf{kung_fu_p4nd4}