CSAW CTF 2014 – Forensics 200 – Obscurity
This year I had a little bit of time to participate in NYU Poly’s Cyber Security Annual Capture the Flag event. I didn’t have much time to solve a ton of the challenges, but I did take a good look at 3 of them. Two of which I was able to solve. The third, I got everything but the very last step.
Here’s a writeup of those challenges.
Forensics 200 - obscurity
This challenge gives you a pdf file, pdf.pdf
. You open up the pdf and it’s an image of cookie monster, and that’s it.
There’s nothing really special about it, other than the cookie looks really tasty, so I decided to take a look at the contents of the pdf objects. I used a site called: http://www.extractpdf.com/. They allow you to “Get Images, Text or Fonts out of a PDF File” It’s basically extracting the objects out. You upload the pdf, and under text you find the flag: flag{security_through_obscurity} . Game Over.
I saw a few other teams used tools like Adobe Acrobat, Python, pdftotext, and I even noticed it comes up with the Text Viewer with Foxit works. There are lots of ways to solve this one.
Search
Support This Site
If my blog was helpful to you, then please consider donating to the Electronic Frontier Foundation as they do some really good stuff.