Snowboard (CTF Learn)
Forensics
Find the flag in the jpeg file. Good Luck!
Donāt forget we always work inside VMsĀ .
So weāll upload the file there and thenĀ :
We took the download link and used wget to download theĀ :
I always change the names to something that is closest to what we do, so I changed the name of the file to the name of the task that we are doing nowĀ , Now letās get startedĀ :
Here we define the file typeĀ , There are a lot of interesting thingsĀ :
Letās search using stringsĀ :
The command **strings Snowboard.jpg | head -n 20** is used to extract printable characters (human-readable strings) from the binary content of the file "Snowboard.jpg" and display the first 20 lines of those strings.
Letās break down the components of the command:
-
**strings Snowboard.jpg**: This part of the command runs thestringscommand on the file "Snowboard.jpg". Thestringscommand looks for sequences of printable characters in binary files. -
**|**: This is a pipe symbol, which is used to pass the output of the command on its left as input to the command on its right. -
**head -n 20**: This part of the command takes the output of thestringscommand and displays only the first 20 lines using theheadcommand.
The command **echo "Q1RGbGVhcm57U2tpQmFuZmZ9Cg==" | base64 --decode** decodes the base64-encoded string "Q1RGbGVhcm57U2tpQmFuZmZ9Cg==" using the **base64** command. Here's a breakdown of the components:
-
**echo "Q1RGbGVhcm57U2tpQmFuZmZ9Cg=="**: This part of the command echoes the base64-encoded string to the standard output. -
**|**: This is a pipe symbol, which is used to pass the output of the command on its left as input to the command on its right. -
**base64 --decode**: This part of the command uses thebase64command with the--decodeoption to decode the base64-encoded string.
You can also use https://cyberchef.org/ to extract theĀ flag
Here is the flag\ See you soon in other reportsā¦.!!
Abdelwahab_Shandy
AS_Cyber