Open chimera.bin.img using FTK Imager.
I found key.docx.
extract it and rename key.docx to key.zip
hmm __main__.py ?
zip password key...
but i couldn't find any zip file.
so, i opened chimera.bin.img with HxD.exe. Then i searched "flag".
flag.png in flag.zip
it is in pdf file stream, but i couldn't find any pdf file. so i just carved it.
it says the file is corrupted, but i can get 61% unziped flag.png
it is half of flag, but we can read flag :)
Glitch in the matrix
The DQT area is intentionally covered with 0xFF.
To recover DQT area, I copied and pasted the DQT area of other normal jpg files downloaded from the google.
After many attempts, I could read a flag.
copy&paste rsync data and sum data
follow > udp stream
no footer signature in 5.pcap.
i think i extracted 5.zip wrong because 5.zip said zip file is corrupted.
i couldn't extract 5.zip correctly..
BZh91AY&SY is bz2 header signature
just copy and paste
open .jar using jd-gui java-decompiler.github.io/
part1 is here.
1~4 : DES (Unix)
5~9 : md5crypt, MD5 (Unix)
10~13 : sha512crypt $6$, SHA512 (Unix)
combination bruteforce attack