Flatpack-522.rar Official

# 3. (Optional) Look for hidden data in the cover image # zsteg -a cover.png # just for curiosity

[LSB] bpp: 8, plane: 0, offset: 0, bits: 1, 0x30 bytes hidden (ASCII) Extract the LSB stream:

# 2. Extract inner archive (no password) unrar x inner.rar flatpack-522.rar

The archive is deliberately obfuscated: it contains a password‑protected inner RAR, a steganographically‑hidden image, and a small custom‑packed executable that must be run in a controlled environment. $ file flatpack-522.rar flatpack-522.rar: RAR archive data, version 5, created Tue Sep 5 13:42:10 2023, encrypted

# 1. Extract outer archive (password = 522) unrar x -p522 flatpack-522.rar $ file flatpack-522

#!/usr/bin/env bash set -e

$ binwalk mystery.bin Output:

The secret lies within the binary. So the PNG is just a hint, not the flag itself. 6.1 File Type $ file mystery.bin mystery.bin: data Run binwalk to look for embedded files:

$ feh _mystery.bin.extracted/00000000.png The image is a . Decode it with zbarimg : exploitation / analysis

The goal of the challenge is to retrieve the hidden flag that the creator has concealed inside the RAR file. The write‑up is organized into the typical CTF sections: , exploitation / analysis , extraction , and flag retrieval . 1. Overview & Goal | Item | Description | |------|-------------| | Challenge name | FlatPack‑522 | | File | flatpack-522.rar (≈ 2 MiB) | | Category | Forensics / Reverse Engineering | | Typical points | 200‑300 (depends on the event) | | Goal | Extract the hidden flag (format: HTB... or FLAG... ) from the archive. |

$ zsteg -a cover.png Output shows: