This was my first time competing in the PragyanCTF and they did a great job. Each category had a variety of challenges with varying difficulty. Knowing this is a stego challenge, we should look if there are embedded files within the jpeg they give us: stego_50.jpeg.
Using binwalk we can check for embedded files:
As we can see there’s a zip archive file named “usethis.zip” within the jpeg file. With help from the dd tool, we can extract the zip file from our jpeg.
After running the extraction using binwalk/dd, we now have 2 files: usethis.zip and 29E0.zip
Only one appears to be a zip archive, the other shows only as a data file.
Unzipping the archive with 7zip, we get a plaintext file, which contains a link towards the steghide tool on sourceforge.
Using the cat command on the other file shows a plaintext string: Delta_Force\m/
Now we use the steghide tool to extract our file from the original stego_50.jpeg given to us at the beginning. Knowing that steghide will prompt us for a password password trying the string Delta_Force\m/ we were successfully able to pull out a file: key_stego_1
Using the cat command on the key_stego_1, we receive our flag: PrAgyaNCTF_sTeg1_key.