Guess What

Open the 'guesswhat.pcapng' file in wireshark.Select File>Export Objects>HTTP.Sort by 'Filename'.Save the 'hahaha.zip' as shown.

Extract the files within the compressed archive.Open 'nyc.jpg' in a text editor to reveal additional data.

Download and install a stego tool called 'Outguess'.

GitHub - resurrecting-open-source-projects/outguess: Universal steganographic toolGitHub

View the included config files.

Prepare the OutGuess library for installation.

Run OutGuess against the 'nyc.jpg' file and output the result. The -r flag is needed in order to read stego in a file, by default OutGuess will apply stego to a file.

Concatenate the output file to show any stego pulled out of the file and obtain the flag.

PreviousCSC CTF 2020 Write-ups NextA Simple Cipher

Last updated 3 years ago