Tags: steganography
Rating:
# Chandi Bot 3
- 294 Points / 73 Solves
## Background
I wonder what the bot's favorite dinosaur is?
## Find the flag
If we send a message that contains "dinosaur", it'll reply us with some random dinosaur names:
However, I think that just a rabbit hole.
Then, I start to think: "Any command that's interesting?"
**Yes we do. Like the `/stego` command:**
**Hmm... Let's upload a random PNG image file:**
Let's download it!
```shell
┌[siunam♥earth]-(~/ctf/RITSEC-CTF-2023/Chandi-Bot)-[2023.04.02|16:30:05(HKT)]
└> wget https://media.discordapp.net/ephemeral-attachments/1091391452866682950/1092001499086864384/encoded.png
```
**According to [HackTricks](https://book.hacktricks.xyz/crypto-and-stego/stego-tricks#zsteg), we can use a tool called [`zsteg`](https://github.com/zed-0xff/zsteg) to run all the checks:**
```shell
┌[siunam♥earth]-(~/ctf/RITSEC-CTF-2023/Chandi-Bot)-[2023.04.02|16:30:08(HKT)]
└> zsteg -a encoded.png
b8,b,msb,xy .. file: RDI Acoustic Doppler Current Profiler (ADCP)
b8,rgb,msb,xy .. file: RDI Acoustic Doppler Current Profiler (ADCP)
b8,bgr,msb,xy .. file: RDI Acoustic Doppler Current Profiler (ADCP)
b1,rgb,lsb,yx .. text: "RS{GO_GET_THE_ENCODED_FLAG}"
[...]
```
Boom! We found the flag!
- **Flag: `RS{GO_GET_THE_ENCODED_FLAG}`**
## Conclusion
What we've learned:
1. Extracting Hidden Information In An Image File