HackDay - Stegano & Forensic

Forensic Challenge - Hidden Flag Extraction Link to heading

In this challenge, we have a ZIP file containing a log file and two images.

Step 1: Log File Analysis Link to heading

I began by analyzing the log file and found five encoded words. I used dcode.fr to decode them:

• ercbafr (ROT13) → reponse

• c29sdXRpb24= (Base64) → solution

• 636c6566 (Hexadecimal to ASCII) → clef

• 0110001011111011011000110110100001100101 (Binary to text) → bûche

• KDFNGD\~dPbCbiU6H → Unknown

For this last string, dcode.fr couldn’t decode it, so I used CyberChef with a ROT47 brute force, which revealed:

KDFNGD\~dPbCbiU6H → HACKDAY{aM_@_fR3E

Step 2: Image Analysis with Aperisolve Link to heading

Next, I analyzed both images using Aperisolve.

Analysis of Image 1 Link to heading

Findings:

• HACKDAY{08139b20df9f789b7763}
• securepassword

Analysis of Image 2 Link to heading

Findings:

• secure password
• -@LbaRT0s5}

Step 3: Reconstructing the Flag Link to heading

Using the extracted data, I reconstructed the second part of the flag:

Final Flag: HACKDAY{aM_@_fR3E-@LbaRT0s5}