Comment your amount - SMP CTF 2024 - Selection Round

Posted on by rahisec

The attachment password.zip is provided.

password.zip contains the following files:

  1. password.bmp: a BMP image, but it doesn't open.
  2. flag.zip: it's password protected.

So it seems we need to find the password in password.bmp and use it to unzip flag.zip.


I tried to open the BMP file, but it shows that the file is corrupted.

I opened password.bmp in a hex editor. I'm using HxD.


It seems the file is corrupted because something is missing in the file's header signature.

So I downloaded a sample.bmp file and compared it with password.bmp.


So a header signature is indeed missing. Here we can see that an actual BMP file starts with BM, whose hex value is 42 4D.

So I edited the header of my password.bmp file, replaced these two hex values, and created a new modified file, password1.bmp.


When I open it, it shows the picture.

Now I tried to open flag.zip and provided the password found in that image.


And we got the flag!!
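The header repair done by hand in HxD above can also be scripted. This is an added example, not part of the original write-up. It restores the BM signature and then checks the remaining header fields to confirm that only the two signature bytes were damaged. It goes slightly beyond the write-up by also handling a signature that was deleted rather than overwritten. The function names and the constructed 2x2 sample image are assumptions made for the illustration.

```python
import struct

BMP_MAGIC = b"BM"  # hex 42 4D, the signature every BMP file starts with
# DIB header sizes defined by the BMP format (CORE, INFO, V4, V5).
KNOWN_DIB_SIZES = {12, 40, 108, 124}


def header_plausible(data):
    """Validate the fields that follow the 2-byte signature."""
    if len(data) < 18 or data[:2] != BMP_MAGIC:
        return False
    # bfSize, bfReserved1, bfReserved2, bfOffBits, then the DIB header size.
    file_size, _r1, _r2, pixel_offset, dib_size = struct.unpack_from("<IHHII", data, 2)
    return (file_size == len(data)
            and dib_size in KNOWN_DIB_SIZES
            and 14 + dib_size <= pixel_offset <= len(data))


def repair_signature(data):
    """Return (repaired_bytes, diagnosis) or raise if more than the magic is broken."""
    if header_plausible(data):
        return data, "intact"
    overwritten = BMP_MAGIC + data[2:]   # signature bytes replaced with junk
    if header_plausible(overwritten):
        return overwritten, "overwritten"
    stripped = BMP_MAGIC + data          # signature bytes deleted from the file
    if header_plausible(stripped):
        return stripped, "stripped"
    raise ValueError("header damage goes beyond the 2-byte signature")


def make_sample_bmp():
    """Constructed 2x2, 24-bit BMP used as sample input (not the CTF file)."""
    pixels = bytes(16)  # 2 rows, each 6 bytes of pixel data padded to 8
    dib = struct.pack("<IiiHHIIiiII", 40, 2, 2, 1, 24, 0, len(pixels), 2835, 2835, 0, 0)
    offset = 14 + len(dib)
    file_header = BMP_MAGIC + struct.pack("<IHHI", offset + len(pixels), 0, 0, offset)
    return file_header + dib + pixels


if __name__ == "__main__":
    good = make_sample_bmp()
    broken = b"\x00\x00" + good[2:]      # same kind of damage as password.bmp
    fixed, diagnosis = repair_signature(broken)
    print(diagnosis, fixed[:2].hex(" "))
```

To use it on a real file, read the file in binary mode, pass the bytes to `repair_signature`, and write the result to a new file so the original stays untouched.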