Da Vinci Stenography Challenge Solution!

Kamran Saifullah
3 min readJun 11, 2019

--

Let’s dive directly into solving this challenge without any details explaining what HackTheBox is and the rest.

On downloading the file. We are presented with 3 image files.

monalisa.jpg
Plans.jpg
& this one.

The last image seemed suspicious to me. As the title said “Thepassword is the small name of the actor …..”. In the image it’s written “TOM”. Means this should be the pass for this file or any other file? Right!

Tried using TOM against 2 files and got nothing!

Then moved onto trying it on the file containing the pass.

We are presented with the secret message. Let’s check it!

So we have the key and it seems to be MD5 hash. Let’s move onto decrypting it. I love using Hashkiller.co.uk!

Before using this password. Let’s analyze the rest of the files with binwalk. It seems that monalisa.jpg file has a zip file embedded with it.

Let’s extract it using binwalk.

Checking the data of Mona.jpg using strings!

Now we are presented with another directory containing the extracted files. We had another extracted Mona.jpg file. Trying the password “guernica” here worked like a charm!

Moving onto checking what’s inside the key!

So the data is base64 encoded. Moving onto getting the resulting text out of base64.

--

--

Kamran Saifullah
Kamran Saifullah

Written by Kamran Saifullah

Malware/RE/Firmware Analysis, App Sec/Off Sec, VAPT, Phishing Simulations/SE | Risk Management, IS Governance, Audits, ISO 27001 LI

No responses yet