* EXIF - Thumbnail

Task

Find the password hidden in this JPG image.

[[./ch10.jpg]]

#+begin_src sh
exiftool ch10.jpg -b > thumbnail.bin
#+end_src

** Full process

1) Checked metadata in the original image:

#+begin_src sh
exiftool ch10.jpg
#+end_src

Key findings:
- `Thumbnail Offset: 202`
- `Thumbnail Length: 41506`

2) Extracted the correct thumbnail from EXIF:

#+begin_src sh
exiftool -b -ThumbnailImage ch10.jpg > thumb_extracted.jpg
file thumb_extracted.jpg
exiftool thumb_extracted.jpg
#+end_src

Result:
- `thumb_extracted.jpg` is a valid JPEG (600x339)
- it also contains another EXIF thumbnail (`Thumbnail Length: 15957`)

3) Extracted one level deeper:

#+begin_src sh
exiftool -b -ThumbnailImage thumb_extracted.jpg > thumb2.jpg
file thumb2.jpg
exiftool thumb2.jpg
#+end_src

Result:
- `thumb2.jpg` is a JPEG (300x300)
- JPEG comment: `We need to go deeper`

4) Extra checks (stego tools unavailable in this environment):

#+begin_src sh
steghide info thumb2.jpg
binwalk thumb2.jpg
#+end_src

Both commands were not installed in this environment.

5) Opened/read the image content of `thumb2.jpg` directly.

The text visible in the image:

`The flag is: B33r!sG00d!`

** Flag

`B33r!sG00d!`