Aww Cuter Cat


Last updated 2 years ago


Difficulty: Easy
Points: 150
Solves: 1

Description

This cat is cuter than the rest
With fur so soft and eyes so bright
She loves to play and loves to cuddle
And brings joy to every single night

Her purrs are soothing to the soul
And her meows are music to the ear
With each and every playful leap
She brings laughter and good cheer

This cat is cuter than the rest
A true treasure and a dear friend
She brings us joy with every breath
And we are blessed to have her till the end.

Poem by ChatGPT

Solve

Downloading the files and running the file command shows that it is a zip file.

Attempting to unzip it shows that it is password protected.

Using zip2john, we can convert the password-protected zip file into a hash and crack it with john:

zip2john evidence.zip > forjohn
john --wordlist=/usr/share/wordlists/rockyou.txt forjohn

Now we can extract the evidence.img file. Running file on evidence.img shows that it is a Linux file system image.

After mounting the image, we saw a single cat.jpg file and nothing else.

cat.jpg shows a photo of a cute cat; however, the file size is very large, which might be suspicious.

Based on the similar challenge Aww Cute Cat, we can guess that this is image steganography with steghide.

Using FTK Imager, I mounted the evidence.img and it shows a wordlist in the unallocated space.

When you delete a file, the operating system marks the space on the hard drive that the file occupied as available for use, but it does not actually erase the file's data from the hard drive.

Instead, it simply removes the reference to the file from the file system, which is a database that the operating system uses to keep track of all the files on the computer.

As a result, the data that made up the file is still present on the hard drive, but it is no longer accessible through the file system.

Therefore, we are able to extract the wordlist using a forensics investigation tool like FTK Imager.

Running strings on evidence.img also shows the wordlist.
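The recovery described above, as an added example that is not part of the original writeup: a small `strings`-style carver that scans a raw image and keeps only newline-separated runs, which is how a deleted wordlist stands out from file names and format magic. The three-block image, its block size and the sample words are constructed for illustration and are not the challenge's data.

```python
import re

BLOCK = 512  # block size of the constructed image below (assumption)

def carve_strings(image: bytes, min_len: int = 4):
    """Yield (offset, text) for each run of printable ASCII, like `strings -t d`."""
    for m in re.finditer(rb"[\x20-\x7e]{%d,}" % min_len, image):
        yield m.start(), m.group().decode("ascii")

def carve_wordlists(image: bytes, min_len: int = 4, min_words: int = 3):
    """Group strings separated only by a newline into candidate wordlists.

    Returns [(start_offset, [word, ...])]; isolated strings such as file
    names or format magic are dropped because they form groups of one.
    """
    found, words, start, prev_end = [], [], 0, None
    for off, text in carve_strings(image, min_len):
        adjacent = prev_end is not None and image[prev_end:off] in (b"\n", b"\r\n")
        if not adjacent:
            if len(words) >= min_words:
                found.append((start, words))
            words, start = [], off
        words.append(text)
        prev_end = off + len(text)
    if len(words) >= min_words:
        found.append((start, words))
    return found

def build_sample_image() -> bytes:
    """Constructed 3-block image: directory, cat.jpg data, one freed block."""
    directory = b"cat.jpg\x00".ljust(BLOCK, b"\x00")  # the only live entry
    jpeg = (b"\xff\xd8\xff\xe0\x00\x10JFIF\x00" + b"\x9c" * 64).ljust(BLOCK, b"\x00")
    # The deleted file: no directory entry points here, but the bytes remain.
    freed = b"whiskers\npurrfect\nmeowmeow\ncatnip123\n".ljust(BLOCK, b"\x00")
    return directory + jpeg + freed

if __name__ == "__main__":
    for offset, words in carve_wordlists(build_sample_image()):
        print(f"block {offset // BLOCK}, offset {offset}: {len(words)} words")
        print("\n".join(words))
```

The reported offset tells you which block the data sits in, so you can confirm it lies outside any allocated file before treating it as deleted content.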

Now, with the wordlist, we can use the tool [stegseek](https://github.com/RickdeJager/stegseek) to run a password attack on cat.jpg and extract the flag.

stegseek -sf cat.jpg -wl wordlist.txt

Using TinEye, I performed a reverse image search and compared the file size.