Note de bas de page
In this challenge, we are given a backup.pst file.
PST (Personal Storage Table) files are a file format used by Microsoft Outlook to store email messages, calendar events, contacts, and other data. PST files are used for local email storage and provide users with the ability to access their emails and other Outlook data even when not connected to a mail server.
I found this online tool :
As we can see there is a picture in the attachment. The picture is:
The image seems to have the flag at the bottom right corner, but we only have 404CTF{L… Looking at some CVE that may allow us to recover the full image we can find CVE-2023-21036. This CVE tells us that if a Pixel phone from Google truncate an image it is possible to recover the initial image because it didn’t truncate is and save the result in a new file but instead just added an IEND sooner.
We can now use this tool to recover the whole image. I then run the gui.py and set these options:
Now we just have to wait and save the result…
The final image is:
Impressive!!! The flag is 404CTF{L3_f0rM1d@bl3_p09r35_d3s_lUm13re5}