2022-06-03 11-32-03~2.png «DIRECT · 2027»

: Locate the IHDR section (usually starts at offset 0x0C ). The four bytes following IHDR are the width, and the four after that are the height.

: Use StegSolve to cycle through the color planes. Often, the flag is hidden in the Least Significant Bits (LSB) of the Red, Green, or Blue channels.

Below is a technical write-up of the steps required to solve this challenge. 1. Initial File Analysis 2022-06-03 11-32-03~2.png

: Run exiftool 2022-06-03 11-32-03~2.png . This often reveals interesting timestamps or software tags, though in this specific case, the metadata is usually clean or points toward a Windows screenshot. 2. Visual Inspection and Strings

After repairing the height or running StegSolve on the "Gray Bits" or "Red 0" planes, a text string (the flag) typically appears at the bottom of the image or in a separate output window. It usually follows the format CTF{...} or FLAG{...} . : Locate the IHDR section (usually starts at offset 0x0C )

The first step in any forensics challenge is to verify the file type and examine basic metadata.

If repairing the header doesn't reveal the flag, the next step is checking for hidden data: Often, the flag is hidden in the Least

: If you change the dimensions manually, the CRC (Cyclic Redundancy Check) at the end of the chunk will be invalid. You can use a tool like PCRT (PNG Check & Repair Tool) to automatically calculate the correct dimensions based on the existing CRC. 4. Steganography Check