SwampCTF - Last Transmission

Last Transmission is another steganography challenge.  It's not as sophisticated as some of the others - but its point value was low, so that's to be expected.  This one actually caused me a lot of frustration because it was much simpler than what I was expecting it to be.


Accessing the Challenge

Clicking on the challenge revealed the following message that guides you towards solving the challenge.

Last Transmission Challenge

There isn't much information here; all we really know is that there is a PNG file attached.  This suggests the challenge is probably steganography.

The attachment in the challenge provided the image seen below.

Last Transmission attachment

Searching for Hidden Data

This one had me frustrated.  I followed my normal steganography methodology.  I started out using exiftool - nothing there.  Then I moved on the using strings - still nothing.

I tried using binwalk next and found the PNG file and some zlib compressed files.  I spent about an hour researching zlib compression and it led me nowhere.  At least one of the zlib files ended up just containing EXIF data.

I then moved on to using several steganography tools like stegsolve to mess with the alpha channels and offsets to see if anything would be revealed. Nothing.


The Simple Solve

Having exhausted all my methods, I thought to myself, Why not just try to mess with brightness and colors in Photoshop? After all, the EXIF data did reveal a Photoshop ICC profile.. so why not?

Sure enough, I set the brightness to -150 and sure enough.. there was the flag.

Last Transmission flag

Conclusion

Sometimes it's important to remember that the solution is not always complicated. Sometimes it might be better to start with simple solutions before investing hours into more complicated solutions.  This is a CTF though, and some CTFs are notorious for trying to trick the players or being overly complicated.