1. Decompress the image:

   ```shell
   ┌──(kali㉿kali)-[~/code]
   └─$ gunzip -d dds1-alpine.flag.img.gz
   ```

2. As mentioned in the description of the question, use [`srch_strings` from The Sleuth Kit](https://www.kali.org/tools/sleuthkit/#srch_strings):

   ```shell
   ┌──(kali㉿kali)-[~/code]
   └─$ srch_strings dds1-alpine.flag.img
   RPf1
   Missing operating system.
   f`f1
   |fRfP
   Ht[y9Y[
   Multiple active partitions.
   |XFSBu f
   Operating system load error.
   SYSLINUX
   PPPP
   u%8M
   t f=!GPTu
   +fRfP
   F}+f`f
   Boot error
   @1,`A1,`
   @1,`
   (t~k
   /os/mnt
   @1,`
   @1,`@1,`@1,`
   @1,`@1,`@1,`
   @1,`@1,`@1,`
   @1,`@1,`@1,`
   @1,`@1,`@1,`
   @1,`@1,`@1,`
   lost+found
   .dockerenv
   boot
   home!o
   media
   proc2g
   rootC_
   sbinaO
   (t~k
   @1,`@1,`@1,`
   @1,`@1,`@1,`
   @1,`@1,`@1,`
   @1,`@1,`@1,`
   @1,`@1,`@1,`
   @1,`@1,`@1,`
   lost+found
   .dockerenv
   boot
   home!o
   @1,`@1,`
   @1,`
   (t~k
   /os/mnt
   @1,`
   @1,`@1,`@1,`
   @1,`@1,`@1,`
   /bin/busybox
   @1,`@1,`@1,`
   /bin/busybox
   @1,`@1,`@1,`
   /bin/busybox
   @1,`@1,`@1,`
   /bin/busybox
   @1,`@1,`@1,`
   @1,`@1,`@1,`
   /bin/busybox
   @1,`@1,`@1,`
   /bin/busybox
   base64
   bbconfig
   busybox
   chgrp
   chmod
   chown
   conspy
   date
   dmesg
   dnsdomainname
   dumpkmap
   echo
   egrep
   false
   fatattr
   fdflush
   fgrep
   fsync
   getopt
   grep
   gunzip
   gzip
   hostname
   ionice
   iostat
   ipcalc
   kbd_mode
   kill
   kmod
   link
   linux32
   linux64
   login
   lsmod
   lzop
   makemime
   mkdir
   mknod
   mktemp
   modinfo
   more$
   mount
   mountpoint
   mpstat
   netstat
   nice*
   pidof
   ping,
   ping6
   pipe_progress
   .
   .
   (omit)
   ```

3. The output is too long to read through, so, as the hint suggests, pipe it through `grep` to find the flag:

   ```shell
   ┌──(kali㉿kali)-[~/code]
   └─$ srch_strings dds1-alpine.flag.img | grep "pico"
   ffffffff81399ccf t pirq_pico_get
   ffffffff81399cee t pirq_pico_set
   ffffffff820adb46 t pico_router_probe
   SAY picoCTF{f0r3ns1c4t0r_n30phyt3_a011c142}
   ```
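
The three steps above (decompress, extract printable strings, filter for `pico`) can be reproduced in a few lines of Python that also report the byte offset of each hit, which is useful for locating the string in the image afterwards. This is an added example, not part of the original write-up: the function names and the sample image are constructed, the 4-character minimum mirrors the usual `strings` default, and the UTF-16LE pass goes beyond the write-up to catch wide-character text that a single-byte scan does not report.

```python
import gzip
import re

MIN_LEN = 4  # minimum run length, matching the usual strings default

# Runs of printable ASCII (plus tab): an approximation of a strings-style scan.
ASCII_RUN = re.compile(rb"[\x20-\x7e\t]{%d,}" % MIN_LEN)
# Same characters stored as UTF-16LE: each printable byte followed by a NUL.
UTF16_RUN = re.compile(rb"(?:[\x20-\x7e]\x00){%d,}" % MIN_LEN)


def printable_runs(data):
    """Yield (offset, encoding, text) for every printable run in data."""
    for m in ASCII_RUN.finditer(data):
        yield m.start(), "ascii", m.group().decode("ascii")
    for m in UTF16_RUN.finditer(data):
        yield m.start(), "utf-16le", m.group().decode("utf-16le")


def search_image(gz_bytes, needle="pico"):
    """Decompress a gzipped image and return the runs containing needle."""
    data = gzip.decompress(gz_bytes)
    return sorted(run for run in printable_runs(data) if needle in run[2])


def build_sample():
    """Constructed stand-in for a disk image (not the challenge file)."""
    img = bytearray(b"\x00\x01\xfe" * 100)        # binary filler
    img += b"Boot error\x00"                      # printable, no needle
    img += b"\xff" * 50
    img += b"SAY picoCTF{constructed_example}\n"  # ASCII hit
    img += b"\x00" * 20
    img += "picoCTF{wide_example}".encode("utf-16le")  # wide-char hit
    img += b"\x00\x00"
    return gzip.compress(bytes(img))


if __name__ == "__main__":
    for offset, encoding, text in search_image(build_sample()):
        print(f"{offset:#010x}  {encoding:9s} {text}")
```
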