capture the flag, hacking, web application security

InfoSec Institute CTF Challenge #5

Another day, another challenge…

Today’s challenge is #5 from the InfoSec Institute CTF Challenge.

Clicking on the following link we’re presented with the following:

infosec_5_intro

After clicking on the checkbox to prevent the page from displaying additional dialogs, and adding “view-source:” to the URL box we see the following:

infosec_5_pagesource

When viewing the page source further the reason we were getting multiple alert boxes was that it was inside of an infinite for loop. Read more about for loops HERE.

Looking inside the for loop we see that there is a image field titled “aliens”. Clicking on the file we see the following:

infosec_5_aliens_gif

At first when I read the meme I was at a loss, as I have never seen or heard this quote before. After doing some digging online, it hit me. What if there’s another secret meaning to this message?

How does one add a secret inside of an image? Steganography.

Saving the image, and doing a quick Google search of Steganography decoder online we’re presented with this site.

Uploading our file, and pressing decode we get the following:

infosec_5_decode

Binary. OK… this doesn’t seem helpful, or is it?

Doing another Google search to decode binary to ASCII we’re presented with this link.

Entering our binary code, we get the following:

infosec_5_end

We found the flag!

Lessons learned:

  1. Don’t be deterred by the multiple alert boxes!
  2. Using our trick of adding “view-source:” to the beginning of the URL
  3. Reviewing the page source we noticed a file
  4. Opening file we noticed it was a meme
  5. Researching what meme meant
  6. After finding meaning using tools to extract data that we needed
  7. Not being deterred that the extracted data was not in our preferred format (words not binary)
  8. Used Google to research how we could get extracted data into preferred format (words not binary)
  9. Finally, finding our flag