// k3ng
  • 👋
  • 2025
    • Cyber Jawara National 2024
      • Whale
      • Grayscale
      • Log4Shell
  • 2024
    • HTB University CTF 2024: Binary Badlands
      • Apolo
      • Freedom
      • Frontier Exposed
      • Wanter Alive
      • Armaxis
    • TSA Cyber Champion 2024
      • 101 - Forensics
      • eavesdropped
      • 101 - Web Exploitation
    • Cyber Jawara International 2024
      • prepare the tools
      • Sleeper
      • P2PWannabe
    • CTF Hology 7.0
      • give me
      • Books Gallery
    • TCP1P CTF 2024
      • doxxed
      • Lost Progress
    • Gemastik 2024 Finals
      • kode-viewer
Powered by GitBook
On this page
  • Challenge Description
  • Flag
  • Analysis
  • Solution
  1. 2025
  2. Cyber Jawara National 2024

Grayscale

Last updated 1 month ago

Challenge Description

A threat actor hides a secret message on this intentionally-broken GIF.

Author: farisv

Flag

CJ{_s0_15_it_pr0nounc3d_GiF_or_JiF?_}

Analysis

We are given a file that according to the description is a broken GIF file. When opened with a hex editor, the header part of the GIF is filled with FF bytes.

Solution

To recover this file, we need to modify the first 16 bytes of the file based on the GIF specification. The reason why we only need to modify the first 16 bytes and not all of the header is that since we can infer from the challenge name that this image will be grayscale, we only need to change the Logical Screen Descriptor and the first two colors of the Global Color Table so that other colors are interpreted as FF or white.

When opening the file with an image viewer after modification, we will see the flag displayed.

Hex editor view of the file
Hex editor view after modification
Image of the flag