So this is the second challenge Winter Sport which I made for this year’s InCTF international round.
Challenge Description:

Reading the description at first doesn’t give any clue on what the challenge is.
Now let us take a look at the file given.

This is the PDF document that we get. There seems to be nothing interesting in it. So let us use normal tools like binwalk. Using binwalk on this file gives us something interesting.

We find there is a “.7z” archive present. Extracting the contents inside the archive give us a file called omg.pdf
Let us look at what is present inside this PDF.

We find there is nothing inside the file but we can see that some text is highlighted when we use Ctrl+a. Let us see what this text is.
Text: What is Steganography ?Steganography is an amaz ?Sg
This doesn’t make any sense at all. But all we can understand is that there is some sort of steganography involved. Now is the time to get back to the question. What was the name of the question? Winter Sport right? Let us google. What I googled were
- Winter steganography
- winter steg techniques
- snow steg
The third result leads me to a tool called SNOW which performs WhiteSpace Steganography. You can read about the documentation here.
Reading the documentation takes only 5-10 minutes.
Using SNOW on omg.pdf gives us the flag.
FLAG : inctf{w3lcom3_t0_7h3_w0rld_0f_whit3sp4c3}
Happy Hacking!!!
Leave a comment