Table of contents
Introduction
Challenge: File types
Category: Forensics
Description This file was found among some files marked confidential but my pdf reader cannot read it, maybe yours can. You can download the file from here.
Solution
The file that was given, I am pretty sure is not a pdf file. We can check the type of file using the file command.
file Flag.pdf
Flag.pdf: shell archive text
It's a shell archive text. As far as I know, we can extract it just by executing the file.
chmod +x Flag.pdf
./Flag.pdf
After executing these commands, you will get a file extracted called flag. Let's what file type it is.
file flag
flag: current ar archive
As we can see it's an ar archive. So let's extract it as well.
ar xv flag
We can continue this process of extracting the files by using their file types. In the end, we are gonna get the flag encoded in hex like this:
7069636f4354467b66316c656e406d335f6d406e3170756c407431306e5f
6630725f3062326375723137795f33343765616536357d0a
Therefore, The flag is picoCTF{f1len@m3_m@n1pul@t10n_f0r_0b2cur17y_347eae65}
Conclusion
This challenge was very annoying I would say. You need to extract a lot of files from files. But In the end, we got the flag in a hex form.
Flag: picoCTF{f1len@m3_m@n1pul@t10n_f0r_0b2cur17y_347eae65}