<p>GCTF or Gryphon CTF is a Capture-The-Flag event hosted by Cybersecurity students from Singapore Poly. This write-up provides a solution to solve one of the steganography challenges, Snowy Message.</p>
<h2 id="heading-the-challenge">The Challenge</h2>
<p><img src="https://cdn.hashnode.com/res/hashnode/image/upload/v1677771612310/485a107d-465c-47da-9e16-6092ac7243d3.png" alt class="image--center mx-auto" /></p>
<p>A text file, <code>output.txt</code>, filled with seemingly nonsensical content was provided to participants, as seen above. I quickly browsed through the file and unsurprisingly, there was no flag to be found.</p>
<h2 id="heading-solution">Solution</h2>
<p>Initially, I thought of Unicode steganography using zero-width, invisible characters, which has led to me performing a few trials and errors using this <a target="_blank" href="https://330k.github.io/misc_tools/unicode_steganography.html">tool</a>. Though, I soon realized that was not the case.</p>
<p>After browsing the web in search of a solution, I stumbled upon a tool named, <a target="_blank" href="https://www.kali.org/tools/stegsnow/">Stegsnow</a>, as its name did somehow resemble that of the challenge. Stegsnow can be simply installed on Kali Linux using the command:</p>
<pre><code class="lang-bash">apt install stegsnow
</code></pre>
<p>After which, I ran the tool using the <code>-C</code> flag along with the challenge file as its input in an attempt to decompress and ascertain hidden data within the file.</p>
<p><img src="https://cdn.hashnode.com/res/hashnode/image/upload/v1677772229115/72ca9aca-3a9c-41fa-9cde-7c8283dc67d4.png" alt class="image--center mx-auto" /></p>
<p>The attempt was successful as the flag was extracted, as seen in the image above.</p>


GCTF or Gryphon CTF is a Capture-The-Flag event hosted by Cybersecurity students from Singapore Poly. This write-up provides a solution to solve one of the steganography challenges, Snowy Message.

## The Challenge

![](https://cdn.hashnode.com/res/hashnode/image/upload/v1677771612310/485a107d-465c-47da-9e16-6092ac7243d3.png align="center")

A text file, `output.txt`, filled with seemingly nonsensical content was provided to participants, as seen above. I quickly browsed through the file and unsurprisingly, there was no flag to be found.

## Solution

Initially, I thought of Unicode steganography using zero-width, invisible characters, which has led to me performing a few trials and errors using this [tool](https://330k.github.io/misc_tools/unicode_steganography.html). Though, I soon realized that was not the case.

After browsing the web in search of a solution, I stumbled upon a tool named, [Stegsnow](https://www.kali.org/tools/stegsnow/), as its name did somehow resemble that of the challenge. Stegsnow can be simply installed on Kali Linux using the command:

```bash
apt install stegsnow
```

After which, I ran the tool using the `-C` flag along with the challenge file as its input in an attempt to decompress and ascertain hidden data within the file.

![](https://cdn.hashnode.com/res/hashnode/image/upload/v1677772229115/72ca9aca-3a9c-41fa-9cde-7c8283dc67d4.png align="center")

The attempt was successful as the flag was extracted, as seen in the image above.

This write-up provides a solution to solve a steganography challenge, Snowy Message.

GryphonCTF 2022: Snowy Message Writeup

Hello! I'm a Cybersecurity student with a great passion in all sorts of tech stuff! I do still have lots to learn, so I will be documenting my learning journey here.


HodlToM00N

HodlToM00N

GryphonCTF 2022: Snowy Message Writeup

The Challenge

Solution