ad3n๐Ÿ’€kali:~$
  • ๐Ÿ HOME
    • ๐ŸšฉCTF WRITEUPS
      • CURTIN MALAYSIA CTF 2023
        • Web - General
        • Web - SQLi
        • Pwn & Reverse
      • HTB UNIVERSITY CTF 2023
        • Reverse Engineering
      • Wargames.MY 2023 CTF
        • Web
      • osu!gaming CTF 2024
        • Forensic
      • WolvCTF 2024
        • Web
      • TexSAW CTF 2024
        • Web
      • ACSC 2024 CTF
        • Web
      • NahamCon CTF 2024
        • Forensic
      • UCC CTF 2024
        • Boot2root
    • โœ๏ธNOTES
      • Web Exploitation ๐Ÿ•ธ๏ธ
  • ๐Ÿ”CATEGORIES
  • ๐Ÿ™ŒABOUT
Powered by GitBook
On this page
  1. HOME
  2. CTF WRITEUPS
  3. osu!gaming CTF 2024

Forensic

Last updated 1 year ago

  • Nathan-on-osu

From the zipped file has a image which show chat logs but somehow it has been cropped the part that will show the flag as mentioned in the challenge above. To begin with, i start to look for image metadata using exiftool which there is one part caught my eyes that there is an additional data after the IEND chunk which is not normal.

Flag: osu{cr0pp3d_Future_Candy<3}

After doing some research about that warning, I found that windows also vulnerable to acropalypse which data leakage of google pixel phones where the cropped images that save as same file are overwritten at the start of the old one thus led to additional data after the IEND chunk. Follow this for more .

To recover the cropped image, I found this tool and it is gui based tool which is pretty easy to use. Set the mode custom RGB and resolution 1920x1080 and finally got the flag!

๐Ÿ 
๐Ÿšฉ
information
Acropalypse-Multi-Tool