We got our hands on a confidential case file from some self-declared “black hat hackers”… it looks like they have a secret invite code available within a QR code, but it’s covered by some image in this PDF! If we want to thwart whatever it is they are planning, we need your help to uncover what that QR code says!
We are given a PDF file, and our goal as described above is to find the secret QR code.
We can see that something is covering the QR code in the image.
I started to see if there is any information about this pdf file with pdfinfo:
Nothing really interesting about. So, I opened the pdf, and yeah… QR code is covered alright.
If we look at the pdf itself, we see the QR code is covered by another image:
Assuming the QR code and the exclamation mark are two separate images, we can try to extract them with another tool called pdfimages
The default image format is PPM (portable pixmap) for non-monochrome images, or PBM (portable bitmap) for monochrome images. Using the -j flag, we are saying to write JPEG files to JPEG format if they exist.
After running pdfimages, we can see now that we have separate files, which one contains the QR code uncovered:
We can open the images-000.ppm and get the QR code:
I used an online tool to read the QR code instead of my phone (because I am lazy lol), and we got the flag. (This is also nice if you want to copy/paste a flag faster).
[https://4qrcode.com/scan-qr-code.php]
flag{you-have-to-do-it-yourself-=D}
This is a nice little challenge. Really good for beginners to learn how to deal with pdf files.
