we have here a zip file! If you unzip this we will got many hidden files!
useless!!! let's try something else.. since we got hidden files we can try binwalk on the zip file!!
CDFV2 (Composite Document File V2) Encrypted!! since it's a word office document we can use john to decrypt it!
find the flag in this page (https://www.facebook.com/HackerSpace_JUST-107702673912712)
we are given a facebook link page! and it seems that the flag is hidden inside an image in this page! actually i was lucky! by installing the cover photo as option #1 (: which the flag was hidden inside of it!
at the end of strings output; i got an interesting ascii art!! actually i took my time to finally fiqure what to do!
if you go and open this link trying to find something; it will be a waste of time! but actually i did it (:
so now let's dive into!! the description said "Can you find my register Information plz"!!! so we are looking here for a username and a password (: or at least it must be like this! let's goooo!
strings here give us nothing important! so let's try binwalk to seek any hidden files!
great!!! we have a zip file and it's uncompressed as "post" here! let's cd to our extracted directory!
strings will give us too much random data lines!! so here we need our note that i mentioned it up there! that we are looking for a username and a password for regestration! so i filtered up my result!!!
we got here the name and it's "fl4g"!!!.... the email is base64 data just replace the url symbol %3D to "="! and decrypt it!!!
it's a jpg image! and the description here tell us what to do! we have to find the passphrase to get the flag!
oops! scrolling down in strings output gave me a list of words! so let's save these words in a txt file and use it as our wordlist and see what we'll get!! i used here "stegcracker" to apply bruteforcing on our image to get our passphrase!!!
we are given a png image! firstly i tried stegonagraphy tools! and i got nothing! no interesting data in strings! also in the other tools which i tried! there is no any hidden files using binwalk! i checked the chunks and there size! and everything just work fine!!!! so i ended with a close road!!
but who says your english skills won't benefit you! (: why would be an upper case in such ordinary word in a middle of a senetence!!!! so the missing boy i figured out that he is our flag and we have to find him in : (M)odern (S)chool (B)us ! yeah that's right in the MSB! so i opend my stegsolve trying to extract the flag!
image with binary code inside of it!! first thing we have to do is to extract that binary! image to txt and you will got it! so what to do with it?? i really have no answer for that for a bit of time! but i got lucky! after i extract that binary! i convert it to image but it was a realyy dumb converter! (((: cause i got an image with my binary inside of it!! so it was useless!! but let me tell you why i was lucky with this dumb converter! i was just previewing my images and i saw my lovely dumb image again!
here i just realised that our binary represent a QRcode!!!!!! so i used (https://www.dcode.fr/binary-image) to convert it to a QR (:
we are given a cipher text and it seems some rotation applied here! as we notice there is #13 at the end! and #rot word up in the problem name! so let's give it a try with rot13!
Keypad numbers! we have to decode this into words! i used this decoder: (http://www.aer.org/) deleting the redunduncy numbers and choosing the most sentence that make sense give us > "old is gold"
we are given two files! the first one is "code.txt" which include some binary code! the other file "hint.jfif"! i opened it to see what is says!
great! we have a sign here to lead us to which decoder we have to use! if you already have no idea what is this! you can just search for similar images on bing! at the end you'll figure that this is a BAUDOT Code! decode your binary here (https://www.boxentriq.com/code-breaking/baudot-code) and you got it!
it's a wav file! if we play it; we'll listen to someone trying to call a number! so we have to detect these numbers! sooo by searching i got this site! (http://dialabc.com/sound/detect/) upload the file and Find our DTMF Tones! we'll got these tones: "58877778222255555563322222255" great!!! one step to get our flag! using this decoder that we use it before on "phone Q" > (http://www.aer.org/) ... you may check how it works up here (https://www.dcode.fr/phone-keypad-cipher)
Big Ben clock!!! since we have to decode that symbol given in Big image! so what the second image have to give us ?! it's just an image and does not have any important data! so after depth searching about these symbols ): i figured out what it is!! it all about your searching skills!
so our cipher is "Pigpen cipher" ! but what????????? the second image was our hint! big ben clock! my heart has broken here ))))): (https://www.dcode.fr/pigpen-cipher) decode your symbols and you are all set!
we have an old letter here! contains old symbols! we have to search and search!! your key may be "old alphabets symbols" and that will give you such a huge amount of pics!
then! i notice in the right corner below: Mr.V 1984 !!! i got confused a little bit! i searched about "Mr.v 1984" and ended with nothing! but what if the old alphabets that we are searching about is from 1984!!! and yeah actually it is! it filtered my results and i got my symbols! and here is a pic for them!
