jellyCTF
The_real_truth [810 pts]
Writeup author: lolmenow
Difficulty: medium
Provided files: image01.png on website
Url: https://therealtruthaboutjellyhoshiumi.carrd.co/
Description: note: this is the only subdomain in scope. do not bruteforce/dirbust.
The website presents itself with a long speech and a photo in the middle. Since the category is forensics, I assumed that this is stegonography with the image on the website.
Using Aperi’Solve yields no results, so I used stegsolve by Caesum to see if I can go through the filters and find a hidden flag.
Going through the filters showed nothing, so I used stegsolve’s data extraction feature. This extracts all the data from each bit planes.
I did not know which plane had the flag, so I checked all the planes.
We can save the data, and examine the file.
Hmmm, this seems like it spells out a message! Lets continue digging.
We see our flag not far down!
Final flag: jellyCTF{th3_w0man_in_th3_r3d_ch4nn3l}