# 1337UP LIVE CTF 2024 WRITEUP player: xzhiyouu ## Warmup - In Plain Sight  I downloaded the photo to Ubuntu and used binwalk to view them.  I found a zip file hidden inside, and there was a file `flag.png` inside it. To separate the zip file, you must first identify the range. The zip file starts at offset `0x20BA6E` (decimal: `2144878`). And it ends at offset `0x20C2A0` (decimal: `2146976`). So the total size is `2144878 - 2146976 = 6450 bytes` Then use the dd command to extract this portion of the file.  In this way we can successfully separate the zip file. I tried to open the zip file, but found that it required a password  So I tried looking for the password elsewhere in the picture. ``` ... XNOz s=M5 pO@; r2w~ ;T2Z ^F2? Jcy* W7yy6e qE.f YoullNeverGetThis719482 flag.pngUT -#WX8 !G4I yO$ R1#`]I )81l fo\:[ ... ``` I used strings to view the image and found the password YoullNeverGetThis719482. Then I got `flag.png` successfully.  This is `flag.png`, a white photo with nothing, so I thought of bit planes. Use [stegsolve](http://stegonline.georgeom.net/) to solve it. (I use the online version here) Then I found the flag at <Blue 1>.