Da Vinci Stenography Challenge Solution!
Let’s dive directly into solving this challenge without any details explaining what HackTheBox is and the rest.
On downloading the file. We are presented with 3 image files.
The last image seemed suspicious to me. As the title said “Thepassword is the small name of the actor …..”. In the image it’s written “TOM”. Means this should be the pass for this file or any other file? Right!
Tried using TOM against 2 files and got nothing!
Then moved onto trying it on the file containing the pass.
We are presented with the secret message. Let’s check it!
So we have the key and it seems to be MD5 hash. Let’s move onto decrypting it. I love using Hashkiller.co.uk!
Before using this password. Let’s analyze the rest of the files with binwalk. It seems that monalisa.jpg file has a zip file embedded with it.
Let’s extract it using binwalk.
Checking the data of Mona.jpg using strings!
Now we are presented with another directory containing the extracted files. We had another extracted Mona.jpg file. Trying the password “guernica” here worked like a charm!
Moving onto checking what’s inside the key!
So the data is base64 encoded. Moving onto getting the resulting text out of base64.
