Back To San Andreas ~ Traboda Forensic Challenge Write up

Intro to Traboda : Traboda is an Cybersecurity Edutech from which provides 200+ challenges from various categories and competitions with difficulty ranging from beginners to experts.

Traboda - Learn CyberSecurity & Hacking

Challenge Description : hey did you know cJ waS parT of thE Grove street ?

Flag Format : inctfj{…}

Challenge Link : https://app.traboda.com/challenge/81

Fot this challenge we are given an image that looks like,

gta.jpg

Initially I have tried tools like exiftool , binwalk , strings but there was no useful data to be found or extracted.

On deeply seeing the challenge description , I found JSTEG (cJ waS parT of thE Grove), then i found out there is a tool named jsteg used to extract and hide message in images

Syntax for revealing data by jsteg tool is

$ jsteg reveal <in.jpg> <output file name>

For our challenge,

jsteg reveal gta.jpg output.txt

We got an output.txt file which contains this link

What's up CJ ?

Flag can be found in the image

The flag is inctfj{gr0ve_5treet_f0r_l1fe}

Additional Installations

1. jsteg

$ sudo wget -O /usr/bin/jsteg https://github.com/lukechampine/jsteg/releases/download/v0.1.0/jsteg-linux-amd64
$ sudo chmod +x /usr/bin/jsteg
$ sudo wget -O /usr/bin/slink https://github.com/lukechampine/jsteg/releases/download/v0.2.0/slink-linux-amd64
$ chmod +x /usr/bin/slink