Forensic
Forensic - Capture this challenge
I have figure out that i have to restore the original image. The screenshot is cropped and on the right side there is probably the password. The problem is that i try multiple tools to restore the original picture. It does not work. Can someone help me or give me a hint?
Thank you.
Forensic - Capture this challenge
Hi, I’m also stuck......I mean I found some extra data @ the end of "first "IEND" part of png as reported by "pngcheck" but I didn’t find how to use it and I’m not sure this the right way because among data I red a different img resolution.
pngcheck -v Capture.png
File: Capture.png (581420 bytes)
1298 x 977 image, 32-bit RGB+alpha, non-interlaced
chunk pHYs at offset 0x00042, length 9: 3779x3779 pixels/meter (96 dpi)
additional data after IEND chunk
ERRORS DETECTED in Capture.png
To easily get extra data you can use "https://github.com/sherlly/PCRT" or play with HEX editor.
Forensic - Capture this challenge
Did anyone found clue to this?
Forensic - Capture this challenge
So I believe we have to extract the password hash from the kbdx file, but I am unsure if rockyou will have the password for that.
Forensic - Capture this challenge
Hi everyone, been doing this challenge for hours now and the clues I got were that you can get the password through steganography (unlikely), the second clue being that there’s a zlib file embedded inside the image file (using binwalk) then extracting that zlib from the image using "binwalk -e image.png"... inside that zlib file there are 7 certificate files... that’s all I’ve got for now. Need help checking the certificate files.
Forensic - Capture this challenge
Hi jayetheus,
Thanks for your rundown on it, I am able to get zlib file, but extracting certificates from it can you help me.
As for checking certificate files I guess this google search can help you -
New reply
New topic