zh3r0 CTF
Hidden Music [499 pts]
Challenge Description:
The given file is this.bmp
The given hint is just a troll. The challenge has nothing to do with Outguess. However, the actual hint is in the challenge description itself.
So, by using OpenStego, a file named didYouCheckMyNumbers.gz can be extracted without a password. However, the extension is just a gimmick, and running strings on the file reveals some interesting stuff:
We can see that the file is just a concatenation of a bunch of files. The flag in the middle is just a troll. The MThd chunk is the first chunk in a MIDI file. Since the challenge title suggests something to do with music, this file is important. Using a hex editor (I used hexed.it), all the bytes preceding MThd are deleted and the resulting file is exported as audio.mid.
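The same carving step can be scripted instead of done by hand in a hex editor. The following is an added example, not part of the original writeup: it locates MThd, then walks the MTrk chunks by their declared lengths so that data appended after the MIDI is dropped as well, which goes one step beyond deleting the preceding bytes. The function name and the sample bytes are constructed for illustration.

```python
import struct

def carve_midi(blob: bytes) -> bytes:
    """Return the first complete Standard MIDI File embedded in blob."""
    start = blob.find(b"MThd")
    if start < 0:
        raise ValueError("no MThd chunk found")
    if len(blob) < start + 14:
        raise ValueError("truncated MThd chunk")
    # MThd body: big-endian length (normally 6), format, track count, division
    hdr_len, fmt, ntrks, _division = struct.unpack(">IHHH", blob[start + 4:start + 14])
    if hdr_len < 6 or fmt > 2:
        raise ValueError("MThd tag found but header fields are not valid")
    pos = start + 8 + hdr_len
    # Walk each MTrk chunk by its declared length to find where the MIDI ends
    for i in range(ntrks):
        if blob[pos:pos + 4] != b"MTrk" or len(blob) < pos + 8:
            raise ValueError(f"track {i}: expected MTrk chunk at offset {pos}")
        (trk_len,) = struct.unpack(">I", blob[pos + 4:pos + 8])
        pos += 8 + trk_len
        if pos > len(blob):
            raise ValueError(f"track {i}: declared length runs past end of data")
    return blob[start:pos]

# Constructed sample: junk prefix, a one-track MIDI holding only an
# end-of-track event, then junk suffix (stands in for the concatenated file).
SAMPLE_MIDI = (b"MThd" + struct.pack(">IHHH", 6, 0, 1, 96)
               + b"MTrk" + struct.pack(">I", 4) + b"\x00\xff\x2f\x00")
SAMPLE_BLOB = b"\x1f\x8b junk placeholder_flag{constructed} " + SAMPLE_MIDI + b"trailing junk"

if __name__ == "__main__":
    carved = carve_midi(SAMPLE_BLOB)
    print(f"carved {len(carved)} bytes, starts with {carved[:4]!r}")
```

To use it on the extracted file, read the file's bytes, pass them to carve_midi, and write the result to audio.mid.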
The file is then imported into a sequencer (I used onlinesequencer.net/). Zooming out a bit, the flag is visible:
The flag is Zh3r0{MUSIC_IS_FUN_DO_TO_DO}