zh3r0 CTF-Are you the Master? 0 Official Write-up

This is a forensic challenge. You are given a corrupted image file.
When you open it in hex editor and scroll down you will see a URL like this.

On visiting that you will be redirected to google drive where you will be getting a flag.bps file.

.bps are patch file which can be patched to appropriate ROMs using certain software. In this case I am using flips.

After than you have to fix the Image headers and remove that link from the footer.

Most people who messaged me did a mistake here. They didn’t fix this IDAT.

After than save it. If everything is fixed it will show purple else it will show black.

After that you just have to Patch the file

Then you get the flag.

Hope you all enjoyed this write-up.