Jay-Chot ~ Traboda Forensic Challenge Write up
Intro to Traboda : Traboda is an Cybersecurity Edutech from which provides 200+ challenges from various categories and competitions with difficulty ranging from beginners to experts.
Challenge Description : Raju sent me this file and told me that it’s an important file for him, but he couldn’t open it. Can you help me in retrieving this file?
Flag Format : flag{some_l33t_string}
Challenge Link : https://app.traboda.com/challenge/41
Initially we are given an image chall.jpg which at first wont be able to see.To correct this error we will change the header line of this image using a tool named GHex. GHex helps us to view and edit the hex data or hex dump of an image.
To use this tool , in a terminal type
ghex chall.jpgAfter executing this command you will see the following window,
As you can see the first few characters in the first line is known as headers of file. For this given image the given header is
FF D9 FF E0 00 10 4A 46 49 46 00 01But the correct header for a JPG Format image is
FF D8 FF E0 00 10 4A 46 49 46 00 01In Insert Mode (Open Edit Tab) , correct the required headers. After saving this you will be able to see the image and the flag lies in the same image.
The flag is flag{a4aa04741a8d3a952a7ec88457991b97}
Additional Installations
- GHex
$ sudo apt install ghex
