How to extract Zlib from JPG

Asked May 12 '23 at 19:33

Active May 12 '23 at 20:10

Viewed 406 times

I'm currently doing a forensics CTF challenge, where the flag is hidden inside a .jpg file. When I do binwalk on the file, I see the following:

DECIMAL       HEXADECIMAL     DESCRIPTION
--------------------------------------------------------------------------------
0             0x0             JPEG image data, JFIF standard 1.01
34650         0x875A          PNG image, 600 x 424, 8-bit/color RGBA, non-interlaced
34749         0x87BD          Zlib compressed data, best compression
353954        0x566A2         JPEG image data, JFIF standard 1.01

I want to check out the contents of the Zlib file, but can't figure out how to extract it successfully. Any tips are appreciated!

edited May 12 '23 at 20:10

Mark Adler

101,978
13
118
158

asked May 12 '23 at 19:33

pickleroll123

2

What have you tried? In the programming language of your choice, use a zlib library after extracting the zlib section from the file? – Dave S May 12 '23 at 20:13
1

The zlib compressed data is very likely part of the PNG image. It is not a "file". Since you have the offset, you just use zlib's `uncompress()` or `inflate()` starting there. What have you tried? What language are you using? – Mark Adler May 12 '23 at 20:13

How to extract Zlib from JPG

0 Answers0