InfoSec Institute CTF Challenge #5

Another day, another challenge…

Today’s challenge is #5 from the InfoSec Institute CTF Challenge.

Clicking on the following link we’re presented with the following:


After clicking on the checkbox to prevent the page from displaying additional dialogs, and adding “view-source:” to the URL box we see the following:


When viewing the page source further the reason we were getting multiple alert boxes was that it was inside of an infinite for loop. Read more about for loops HERE.

Looking inside the for loop we see that there is a image field titled “aliens”. Clicking on the file we see the following:


At first when I read the meme I was at a loss, as I have never seen or heard this quote before. After doing some digging online, it hit me. What if there’s another secret meaning to this message?

How does one add a secret inside of an image? Steganography.

Saving the image, and doing a quick Google search of Steganography decoder online we’re presented with this site.

Uploading our file, and pressing decode we get the following:


Binary. OK… this doesn’t seem helpful, or is it?

Doing another Google search to decode binary to ASCII we’re presented with this link.

Entering our binary code, we get the following:


We found the flag!

Lessons learned:

  1. Don’t be deterred by the multiple alert boxes!
  2. Using our trick of adding “view-source:” to the beginning of the URL
  3. Reviewing the page source we noticed a file
  4. Opening file we noticed it was a meme
  5. Researching what meme meant
  6. After finding meaning using tools to extract data that we needed
  7. Not being deterred that the extracted data was not in our preferred format (words not binary)
  8. Used Google to research how we could get extracted data into preferred format (words not binary)
  9. Finally, finding our flag

About birdofbeauty12

A computer security hopeful, who is blogging about her experiences in transitioning over to that field.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s