Hello everyone, please note that there is more than one solution, but I will explain the simplest one
soo for any steganography or Forensics challnge i love to put like recon to solve it
strings the image
steghide
zsteg
binwalk
exiftoll
check signatures
There are a lot of tools that help to do this or you can do it manually which is better
I tried and found something interesting
its not clear for me so i use this tool
It will be clearer. Anyway, it is clear that it is a passwd , but what can we do with it?
tentenecio
In this case we only have the image so it will be the passwd for steghide
The second challenge
In this challenge we just have 1 image and its .bmp so we can’t do a lot
soo i try strings and i find something
I tried to check again by looking at the Hex dump
soo now it’s time for use binwalk
sudo binwalk — dd “.*” — run-as=root Cabeza.bmp
we will find 2 file
the flag and image
Unfortunately, the file is password protected
At this moment, I was overthinking and go to brute force the passwd by fcrackzip
I completely forgot there was a picture
Anyway it took time so I came back to and see what we have
from exiftool I found this to be a recurring message and its mean
Coach of both competitions?
soo now its like osint
vicente del bosque
just remove the space vicentedelbosque
the last challnge its just audio and its was speaking backwards just by listening. Then you can use Audacity to revert the end -> md5 and that’s the flag
Plus, there’s the hint DELREVES in the metadata that means backwards
