Steganography and Reverse Engineering | TryHackMe CTF collection Vol.1

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

[Music] welcome back what's going on youtube today we're doing ctf collection volume one and it's a collection of multiple city of challenges around 21 28. uh sorry 20 challenges so basically the idea behind doing this room is to help you build the individual skills that are required when you do a complete ctf challenge or when you do a complete machine challenge so basically we will start today with um task 2 and we will make it till task 10 and after that we will be carrying over in the next upcoming videos so okay let's start with task two so basically it has two it's all about decoding at page 64. so you copy that and you go to cyber chef so cyberchip is a very important tool and useful actually to help you decode and encode so we select from base64 we put the input and we get the flag that's for task two now task three meta meta meta so basically it's hinting towards metadata so we downloaded ask files go to my virtual machine and here as you can see i have downloaded the files all of the tasks so we have task two here task six four three let me check them out one more time so it's task three yeah it's here so meta meta meta it means we have to reveal the metadata so one common way to reveal the method data in an image file is using the exceeve tool so we say exif tool task 3 and here we are presented with the metadata information about the image as you can see we have finally in the directory the file size all of these are considered metadata so it's data about data basically so we have here the owner name which happens to be the flag we're looking for okay so let's copy the flag all right so task for monday are we going to be okay something is hiding that's all you need to know if you download the task files you will see the task 4 file is also an image okay so if you go back so it's saying something is hiding and normally in image files we can hide text files inside of image files we can do that under what's called the steganography so we can here use the tool sticker hide to reveal the hidden information or the hidden files inside an image file or the media file so stake height dash f extract task 4 let's see i think it's f extract or let's make sure that this is correct with the help menu so here dash sf we specify the sticker file okay that's fine and i think we have to select the mode extract extract data so what was wrong with the previous command extract okay let's try this extract let us take a file [Music] so enter the passphrase as you can see the steganography here is protected or the hidden file is protected by its passphrase so you could try with a blank passphrase see if this works and it seems that the blank passphrase worked both extracted data to final message alice if we get final it reveals the flag all right and task 5 erm magic huh where is the flag so here basically what you have to do it's actually funny you have to highlight the hu where is the flag and continue highlighting until you reveal the text written in white which happens to be the flag so just do that qr such technology is quite reliable so if you download the task files you will see that the file is actually a qr code so sometimes we can hide information or files inside qr codes the way to refill them you can use tools or we can use online ones so basically i'm going to use the online tools so here i can copy the link let's see where is the link just going to search for it okay let's use the site i guess i have to use it here okay so we open firefox we navigate to the site upload the image and you will review the flag and this is what was hidden inside the qr code take the flag copy it and go back correct reverse it or read it so here we have reversing channels both works it's all up to you download the file and upon downloading guys i opened the file using gitra immediately so as you can see here the the first thing we do is we take a look at the main function so this is the main function here it just prints out hello there wish you have a nice day that what it is doing but on the other hand we see we have other functions that have not been called right for example we have this function okay and we have this we have this all of these are some of them are void functions and some of them are functions that actually do something but they are not called as you can see here in the main function and also we have skip it happens that the skin function prints statement the statement here is a flag so basically that's how you find the flag for this challenge just look at the functions [Music] okay i just think it's not copying the flag correctly let me highlight this one more time right click copy all right let's see if you can copy it here okay there is another way to find this flag right away if we go to the command line and we start radar so we start the analysis and then we display the main function so this is the main function as you can see all it does just prints out this hello there which you have a nice day and then it calls the puts function so if you want to reveal all the functions in radar we can type afl and here we repeat all the functions as you can see we have this function skip that's among these functions we can also display the value of all the registers let's go into the radar here and because we cannot remember all the commands so we go to radar so we printed out the list of all the functions we put in the main function we saw that there is a function that isn't being called and this function happens to be at this address so simply by finding the value of this address you can extract the flag okay then so let's exit and on to the next one another decoding stuff can you decode it so if you cannot determine the type of the encoded string you can go to cyber chef here and select magic this will auto determine or guess the type of encoded string so if we type here the encoded string you see it's now from base 58 so it's space 58 and here is the result okay left or right left right left right right 13 is two mainstream solve this so basically r13 is a crypto algorithm we can take this go again to cyber chef it's the fastest way search for rod 13 as you can see this is the output so apparently it didn't work so maybe we have to change the amount here so start with maybe two three four five six seven so this appears to be the right one okay make a comment no downloadable file no ciphered or encoded text i'm hungry now i need the flag so basically here there is no encoded string to the code there is no cipher to x the file nothing to do so yet they require you to extract the flag so basically what we can do here the only thing we can do here is to inspect the elements so we go to task 10 inspect this and immediately we are present with the flag this is it okay guys so that's it for this room 10 tasks and upcoming videos we're going to do the next 10 tasks so thank you for watching

Info

Channel: Motasem Hamdan

Views: 2,601

Rating: undefined out of 5

Keywords: CTF, Encryption

Id: gqnmNDYT1DI

Channel Id: undefined

Length: 12min 26sec (746 seconds)

Published: Thu Jul 14 2022