README.md

Da Vinci

Write-up author: jon-brandy

DESCRIPTION:

Try to find out the secret which is hiding inside of these pictures and learn the truth about Mona Lisa!

HINT:

• NONE

STEPS:

1. First, unzip the .zip file given.

RESULT

2. Let's strings monalisa.

RESULT

3. It looks like there are hidden files inside. Now extract it using binwalk, then jump to the extracted directory.

RESULT

4. Yep, just like what we thought!
5. Hmm.. let's try to unzip the famous one.

RESULT

6. Use fcrackzip to get the pass.

fcrackzip -D -u -p /usr/share/wordlists/rockyou.txt famous.zip

RESULT

7. Unzip it again.

8. Hmm.. let's use stegsolve.
9. Well i got nothing.
10. Let's try to strings Plans.jpg.

RESULT

11. Check the youtube video.

RESULT

12. No clue.
13. Let's strings the last file.
14. Well got not clue either. But the file name caught my attention, the clue here is referring to steghide (?).
15. Let's try to use it and insert the pass as TOM ("TOM" is displayed at the image)

RESULT

16. There we go! Strings it.

RESULT

17. Hmm.. What comes to my mind is, this password is for Mona.jpg. But first, the password looks like hashed (might be in MD5, since it's the common hash algorithm in CTF), try to crack it with online md5 cracker.

RESULT

18. Let's use it to mona.

RESULT

19. Hmm.. use it to plans then.

RESULT

20. Stuck for a while here, but when i check the youtube's link we got.
21. I tried to use the Guernica as the password.
22. Turns out it's correct.

RESULT

23. Strings the key.

RESULT

24. It's encoded in base64 , decode it.

RESULT

DECODE IT AGAIN

DECODE IT AGAIN

25. Got the flag!

FLAG

HTB{M0n@_L1z@_!s_D3@D}