PicoCTF: Matryoshka doll

Steganography is the practice of concealing one piece of information within another. There are multiple tools you can use for searching for and extracting these hidden files, one of which is binwalk.

There is no visible alteration to the file we are given so you would never suspect there is a hidden message inside.

  • –extract – states that we wish to extract any hidden files that we may find
  • –matryoshka – This makes the command recursive. Meaning it checks any files that it finds for more hidden files till there are none. The same way to dolls have more hidden inside them.

When binwalk extracts a file it creates a new sub directory for it along with a zip file. You can use “-R” (for recursive) to list all the contents of the current directory and any subdirectory. Then you can cd directly into the one containing the flag.