Questcon 2023 | Forensic

Challenge 1: Island of Hidden Bounty

In this challenge we will use stegseek i.e.

Here we get a link: https://hiddenbounty.netlify.app

Lets try /robots.txt

We get something like this.

Wow we got the flag:

flag: QUESTCON{X_M4rk5Th3Digit4lTr34sur3}

Challenge 2: Isla de Muerta’s Secrets

We need to find local address of the intruder.

Lets use wireshark to find the ip address of the host.

We will get something like this:

We get the ip: 192.168.0.129

Hence, flag: QUESTCON{192.168.0.129}

Challenge 3: Head Jack Sparrow

In this challenge the png file seems to be corrupted.
I tried Wondershare Repairit but it did not work.

Lets check the hex values using hexedit in the terminal.

We can see the hex header values are:

26 ED AF 21 0D 0A 1A 0A 00 00 00 0D 76 22 E2 52

Lets change them to png hexheader values i.e.

89 50 4E 47 0D 0A 1A 0A 00 00 00 0D 49 48 44 52

Now, check the png image and there will be the image of a ship

At the bottom right we see the flag.

flag: QUESTCON{P1RaT3s_Ha13s_PNG_F1l3}

All the best for the next challenges.

Feel free to connect with me on discord;

Id:k4m154m4