# BTLO - Meta Challenge: https://blueteamlabs.online/home/challenge/meta-b976cec9e2 :::spoiler TOC [TOC] ::: ## Scenario > The attached images were posted by a criminal on the run, with the caption "I'm roaming free. You will never catch me". We believe you can assist us in proving him wrong. ## ==Q1== > What is the camera model? ### Recon 問有關圖片相關的forensics直覺就是利用exiftool幫忙parse其中的內容，之後再慢慢extract出有用的資訊，~~或是直接丟到chatgpt幫忙extract問題的答案~~ ### Exploit ```bash $ sudo apt install exiftool -y $ exiftool uploaded_1.JPG > uploaded1_exiftool.txt $ exiftool uploaded_2.png > uploaded2_exiftool.txt ``` [chatgpt紀錄](https://chat.openai.com/share/6b38b409-1dec-4245-bb14-6a6fe98160af) :::spoiler Flag Flag: `Canon EOS 550D` ::: ## ==Q2== > When was the picture taken? ### Exploit 這個也是直接看exiftool parse出的Create Date info就好 :::spoiler Flag Flag: `2021:11:02 13:20:23` ::: ## ==Q3== > What does the comment on the first image says? ### Exploit 直接看Comment的欄位就有了 :::spoiler Flag Flag: `relying on altered metadata to catch me?` ::: ## ==Q4== > Where could the criminal be? ### Exploit 這個直接以圖搜圖，就看到類似的建築物在加德滿都 :::spoiler Flag Flag: `Kathmandu` :::