PicoCTF 2018 - hex editor

Information

Points	Category	Level
150	Forensics	Easy

Challenge

This cat has a secret to teach you. You can also find the file in /problems/hex-editor_2_c1a99aee8d919f6e42697662d798f0ff on the shell server.

Hint

What is a hex editor?

Maybe google knows.

xxd

hexedit

bvi

Solution

We have a image file, but the name of the challenge is hex editor, so it’s obvious that we need to open the file with hex editor and find the flag. One nice option is use the “strings” command that search for printable text in a file and print it.

strings hex_editor.jpg

Strings But it will output a lot of junk that there is in the image so let’s add a filter with grep, pipe the output of the strings to grep that search for some part of the flag that always in the flag like “picoCTF”

strings hex_editor.jpg | grep picoCTF

And we found the flag!

Flag

picoCTF{and_thats_how_u_edit_hex_kittos_22C1d865}