Flatpack-522.rar Info

# 3. (Optional) Look for hidden data in the cover image # zsteg -a cover.png # just for curiosity

hidden.txt now contains:

The secret lies within the binary. So the PNG is just a hint, not the flag itself. 6.1 File Type $ file mystery.bin mystery.bin: data Run binwalk to look for embedded files:

DECIMAL HEX DESCRIPTION 0 0x0 PNG image, 256 x 256, 8-bit/color RGBA, non-interlaced Extract the PNG: flatpack-522.rar

Cannot open encrypted file. Use -p option to specify a password. Thus we need the password. 3.1 Brute‑Force / Dictionary Attempts A quick dictionary attack with common passwords (e.g., password , 12345 , admin ) fails. The creator hints in the challenge description: “The key is hidden inside the name of the pack itself.” The file name flatpack‑522 suggests the password may be related to the number 522 .

Try the following candidates:

[LSB] bpp: 8, plane: 0, offset: 0, bits: 1, 0x30 bytes hidden (ASCII) Extract the LSB stream: 256 x 256

# 4. Unpack the binary blob binwalk -e mystery.bin > /dev/null

#!/usr/bin/env bash set -e

# 2. Extract inner archive (no password) unrar x inner.rar not the flag itself.

$ binwalk -e mystery.bin This creates a folder _mystery.bin.extracted containing 00000000.png . Open it:

# 5. Decode QR code from extracted PNG FLAG=$(zbarimg _mystery.bin.extracted/00000000.png | awk -F: 'print $2') echo "✅ Flag: $FLAG" Running the script prints: