Challenge text:
yodawg.jpg 50 ---
steghide was found on the hackers computer. https://scoreboard.openctf.com/yodawg.jpg-a5f90bcb58c65886c8b40623ad5bf73ae62545bc
This file is a tar.gz containing yodawg.jpg. From the hint we know that the steghide tool was used hide another file in this jpg. steghide needs a passphrase; the jpg file happens to represent the flag of Gabon and Gabon was indeed the passphrase used to hide the data:
$ steghide extract -sf yodawg.jpg
Enter passphrase: Gabon
wrote extracted data to "IHeardYouLikeFlags.jpg".
It turns out that IHeardYouLikeFlags.jpg contains another steghided-file, which we can extract using an empy passphrase:
$ steghide extract -sf IHeardYouLikeFlags.jpg
Enter passphrase:
wrote extracted data to "so.txt".
$ cat so.txt
I_put_this_as_the_flag_in_a_flag_so_that_you_can_flag_the_flag.
And the flag was indeed I_put_this_as_the_flag_in_a_flag_so_that_you_can_flag_the_flag..