Secret Map - Scratching the Surface
A mysterious map has surfaced—rumored to lead to a hidden Jedi enclave. The transmission appears to be nothing more than an ordinary image, but you know better.Your contact believes the Jedi left encrypted guidance within its metadata—hidden among the shadows of the file itself.Search beyond what the eye can see. The flag lies not in the stars, but in the data beneath them.(Solving this challenge unveils another follow-up challenge)
We are provided a simple image file of a map but there is obviously more to it than shown on the surface.
Running the image through an exiftool we can see the answer pretty quickly in the Notes section.
Secret Map - Matroyshka?
Evidence: map.jpg
You've decoded the hidden message from the first map-but your discovery only deepens the mystery.
Within the data you recovered lies another, smaller map-carefully concealed by the Jedi to mislead the unworthy. The faint patterns suggest layers of concealment within concealment, a trail meant only for those who can truly see.
Can you extract the second map and uncover what secrets it hides?
Matroyshka is commonly known as nesting dolls so you know there is more to the story of the map image than what was answered in question 1. At first I was expecting to have to utilize the previous answer as a password to extract something else but it was much more simple than that.
Loading up CyberChef I used the Extract Files recipe and out popped the flag that was a hidden image inside.
In a galaxy far, far away, whispers speak of an elusive Jedi hiding a list of secret droids. Your faction dispatched a covert spy droid to track the Jedi’s movements and infiltrate their systems.The droid successfully gained access to the Jedi’s datapad, where the Jedi was carelessly working in a primitive text editor known as Windows Notepad. Before the Jedi discovered the intrusion and destroyed the spy unit, it managed to transmit a fragment of data back to you - the contents of the LocalState folder.No other artifacts survived the extraction. Somewhere within this limited dataset lies the information you seek. Can you uncover the names of the hidden droids—and recover the flag?
We are provided the LocalState.zip that contains the TabState and WindowState folders from Notepad. Using Chris's script we can get some results fairly quickly (sample commandline below):
