Home >

Huntress CTF > Easy Challenges

Back <> Next

It takes a team to do security right, so we have layered our defenses!

For this challenge, we are given a file ’layered_security’ to download. If we run the file command on it we can see the following info:

layered_security: GIMP XCF image data, version 011, 1024 x 1024, RGB Color

So we can immediately tell that it is an image in the GIMP image format. Regarding the GIMP image format, GIMP uses its own native file format, which is known as XCF (eXperimental Computing Facility). XCF is the default file format for saving images in GIMP. It is a flexible format that preserves layers, channels, paths, and other image editing information, making it ideal for working on complex projects with multiple layers and edits.

We can install the tool using:

sudo apt install gimp

and then inspect the file with the command

gimp layered_security

We can see that this is a series of AI generated faces which are all layered on top of one another. We can then begin hiding the layers one by one until we come to the image with the flag:

From here, you can either manually enter the flag, or take a screenshot and submit it to an online text extractor such as this one that worked for us.

Back <> Next