Difficulty: easy

Category: forensics

Author: xnull

Description:

### Vacation Photo

Someone sent you a vacation photo with a hidden message. The image looks normal, but there's more to it than meets the eye.

Find the secret message hidden in the file.

Solution

The flag is stored in EXIF data; this data is plaintext anyways, so instead of (as intended) running exiftool, we can just pipe it into strings:

curl -s https://<uuid>.ctf.endolum.io:1337/static/vacation.jpg | strings | grep -oE "ENDLM{.*}"

Flag: ENDLM{m3t4d4t4_t3lls_s3cr3ts_9f2b}