IMF CTF Writeup
Table of Contents
Introduction⌗
Another weekend, another CTF!
I was this close to calling it a night when a chat notification popped up CTF live! and, like a moth to a flame, I clicked, cracked a few challenges and decided, Eh, I’ll finish the rest in the morning, onto the next day I boot up my machine and open the CTF site… only to be greeted by a
404: NOT_FOUND
Cue slow, dramatic head turn toward the event description the one I definitely should’ve checked. Turns out, it was a 24-hour event.
ayy, no regrets! Here's how I tackled some of the Impossible Mission Force challenges
Sevastopol's Silence (OSINT)
The challenge provided a login page where I identified the username TaylorArtX. A quick Google search revealed their GitHub account.
Email Enumeration
Using the tool GitHub Commits Email Finder, I fed in the username and discovered their exposed email address:
Flag:IMF{taylorpaints@proton.me}
Finding Sevastopol (Misc)
solution
- Identified Morse code in image metadata comments using exiftool
- Decoded using online Morse decoder to get ASCII ciphertext
- Ran the ciphertext through dCode.fr cipher identifier and there I get rewarded
Flag:IMF{Fou7d_th3_P0dk0va}
Finding Gabriel (Stego)
Spectral Analysis
This was easy peasy, I uploaded the provided audio file to dCode.fr under spectral analysis, the flag was clearly visible in the spectrogram, easy!
Flag:IMF{29.5328_S_29.0000E}
The Final Reckoning (Crypto?)
Despite being in the crypto category, standard cryptographic analysis yielded nothing, the PNG file appeared normal
Using Aperi'Solve online steganalysis tool revealed the flag in the blue channel (LSB analysis)
well, this challenge was clearly miscategorized as it required steganographic techniques rather than cryptographic analysis. The flag was embedded using LSB (Least Significant Bit) steganography in the blue channel of the image.
Flag:IMF{Th3_Ent1ty_1s_1n3v1tabl3}
Can You Find Me (OSINT)
Here we were provided with a zip file tried extracting it but was password protected, so I opt for a brute force using john the ripper since it's easy and fast.
Inside the extracted untitled.txt, was a link that led to a webpage
On the comments of the page was a string character with some coordinates, following the challenge description, we craft the flag
Flag:IMF{37.7833 N, 122.4167 W}
H4ppy H4ckin6... GG ^ ͜ 0
