CSAW CTF 2014 – Forensics 200 – Obscurity

This year I had a little bit of time to participate in NYU Poly’s Cyber Security Annual Capture the Flag event. I didn’t have much time to solve a ton of the challenges, but I did take a good look at 3 of them. Two of which I was able to solve. The third, I got everything but the very last step.

Here’s a writeup of those challenges.

Forensics 200 - obscurity

obscurity

This challenge gives you a pdf file, pdf.pdf. You open up the pdf and it’s an image of cookie monster, and that’s it.

Cookie Monster PDF file

There’s nothing really special about it, other than the cookie looks really tasty, so I decided to take a look at the contents of the pdf objects. I used a site called: http://www.extractpdf.com/. They allow you to “Get Images, Text or Fonts out of a PDF File” It’s basically extracting the objects out. You upload the pdf, and under text you find the flag: flag{security_through_obscurity} . Game Over.

extractpdf.com gives you the Flag.

I saw a few other teams used tools like Adobe Acrobat, Pythonpdftotext, and I even noticed it comes up with the Text Viewer with Foxit works. There are lots of ways to solve this one.