Prompt: Here is a file with another file hidden inside it. Can you extract it? https://mega.nz/#!qbpUTYiK!-deNdQJxsQS8bTSMxeUOtpEclCI-zpK7tbJiKV0tXYY
I initially started by researching programs to extract files from image files. During this, I realized that the title was the name of a command-line utility: Binwalk. From the man page: "binwalk – tool for searching binary images for embedded files and executable code". After cloning the Binwalk GitHub repo and installing the software, I was able to decompress PurpleThing.jpeg with the following command on my Linux system:
binwalk -e ./PurpleThing.jpeg
This extracted a directory (_PurpleThing.jpeg.extracted). It contained a file that was compressed using zlib (29.zlib). I further extracted data with the following command:
binwalk --dd ".*" 29.zlib
This extracted another directory (_c9.zlib.extracted). This contained an image file (2576C) that I was able to open in my file explorer. That image contained the flag.
Flag: ABCTF{b1nw4lk_is_us3ful}
Key Takeaway: Binwalk is a powerful command line tool that can be used to find hidden files and code in an image file.
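To show what this kind of signature scan does under the hood, here is an added example (not part of the original write-up and not Binwalk's own code) that searches a buffer for a few magic numbers and carves a zlib stream. The sample input is constructed, with the stream placed at offset 0x29 to mirror the 29.zlib name above, and the function names are hypothetical.

```python
import zlib

# Magic bytes for a few formats (a tiny subset of binwalk's signature set).
SIGNATURES = {
    b"\xff\xd8\xff": "JPEG image",
    b"\x89PNG\r\n\x1a\n": "PNG image",
    b"PK\x03\x04": "ZIP archive",
}
# Two-byte zlib headers: CMF 0x78 with the four usual FLG values.
ZLIB_HEADERS = (b"\x78\x01", b"\x78\x5e", b"\x78\x9c", b"\x78\xda")


def find_all(data, needle):
    """Yield every offset at which needle occurs in data."""
    pos = data.find(needle)
    while pos != -1:
        yield pos
        pos = data.find(needle, pos + 1)


def carve_zlib(data, offset):
    """Return the decompressed stream at offset, or None if it is not valid."""
    d = zlib.decompressobj()
    try:
        out = d.decompress(data[offset:])
    except zlib.error:
        return None
    # eof is only set once the stream end and its Adler-32 check were reached.
    return out if d.eof else None


def scan(data):
    """Return sorted (offset, description) pairs for every signature hit."""
    hits = [(pos, name) for magic, name in SIGNATURES.items()
            for pos in find_all(data, magic)]
    for header in ZLIB_HEADERS:
        # Two bytes match by chance, so keep only offsets that decompress.
        hits += [(pos, "zlib stream") for pos in find_all(data, header)
                 if carve_zlib(data, pos) is not None]
    return sorted(hits)


def build_sample():
    """Constructed input: JPEG-like cover bytes with a zlib stream appended."""
    cover = b"\xff\xd8\xff\xe0" + b"\x00" * 35 + b"\xff\xd9"  # 41 bytes
    return cover + zlib.compress(b"constructed hidden payload")


if __name__ == "__main__":
    sample = build_sample()
    for offset, name in scan(sample):
        print(f"0x{offset:X}  {name}")
    print(carve_zlib(sample, 0x29))
```

The same scan is useful defensively: data that decompresses cleanly after an image's end-of-image marker is a sign that something has been appended to the file.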