So this is a pretty basic but confusing challenge. Let us look at the description of the challenge and then proceed to solve it.
Challenge File: ART.png
So the clue that description gives us is that the given challenge file “art.png” may not be a PNG. It turns out that it is true. PNGCHECK proves this
Looking at the hex-dump of the image provides us with more clues.
We see a lot of data after IEND, as I observed it, I saw some base64 text and after that %PDF. So yeah, we have a pdf file after the bytes of the image. But what is this base64 text that I am seeing? Let’s decode it.
Shit!! Looks like this was a rabbit hole 😦
Okay, time to check the PDF. Opening the PDF, I saw a lot of text which was not in English but in the end, we see some text which doesn’t at all make sense with the context of the challenge
Finally, I decided to you use binwalk on the PDF file. Skipping the unnecessary steps, we directly go into the extracted directory. We go into the word/media directory and we find an image1.png
I tried strings on this image. I found a particular base64-encoded string at the end. Decoding it gives us the flag.
So yeah, the challenge is done…Yay!
Please share & like the post if you enjoyed the challenge. Cheers!