Start

When we unzip the folder, we get three files index.html, neville.gif and socute.jpg.

The index file and gif file look part of one another and may be there for validation. So let’s look at socute.jpg

When we use binwalk, we realize that there is more stuff in that file. Let’s unzip everything in there.

Solution

Using binwalk, we get a binary file named donotshare. Looking at it, we can use pickle to get something we can understand. Using this script below we get a text banner. Enter that into the form in index.html and you get the flag for the challeneg

1
2
3
4
5
6
7
8
9
10
11
12
13

#!/usr/bin/python2

import pickle

with open('banner.txt', 'rb') as f:
    o = pickle.load(f)

outstr = ''
for line in o:
    for char,n in line:
        outstr += char*n
    outstr += '\n'
print outstr