INSERT_CHALLENGE_TITLE_HERE
Challenge
Imported from local notes.md.
Solution
Original Notes
INSERT_CHALLENGE_TITLE_HERE
Challenge Summary
- Given: a single JPEG attachment named
flag.jpgand a short placeholder description with a provided SHA1 hash. - Goal: recover the hidden flag in the format
CIT{...}. - Constraints: no remote endpoint or password is involved; the solve is entirely local to the image file.
Initial Recon / Triage
- Observations: the image itself only contains the visible placeholder text
[INSERT A HIDDEN MESSAGE OR SOMETHING..], which strongly suggests a metadata or simple stego warm-up rather than a complex visual puzzle. - File identification:
flag.jpgis a normal JPEG/JFIF file with embedded EXIF metadata. - Entry points: verify the provided SHA1, inspect EXIF tags, and scan for obvious embedded strings.
Hypotheses & Approach
- Hypothesis 1: the image hash in the prompt is just an integrity check for the provided file.
- Hypothesis 2: because the challenge is a low-solve-count warm-up stego prompt, the flag is likely stored directly in JPEG metadata.
Execution Steps (Reproducible)
Stage 1
Commands:
cd /root/cit2026CTF/INSERT_CHALLENGE_TITLE_HERE
sha1sum starting_files/flag.jpg
file starting_files/flag.jpg
exiftool starting_files/flag.jpg
Results:
- The SHA1 matched the prompt exactly:
1cdc80f8c797645b9d92e34a4c6c09022e5378aa. exiftoolrevealed anImage DescriptionEXIF tag containing the flag directly.
Stage 2
Commands:
cd /root/cit2026CTF/INSERT_CHALLENGE_TITLE_HERE
strings -a -n 6 starting_files/flag.jpg | grep 'CIT{'
Results:
- The same flag string appears in the JPEG data stream as a printable string, which confirms the EXIF finding.
- The recovered flag is
CIT{ur_w4rm1ng_up_n0w}.
Artifacts Produced
- No extra extraction script was needed; the solve is fully reproducible with the commands above.
Flag
CIT{ur_w4rm1ng_up_n0w}