Skip to main content
  1. CTF Writeups/
  2. scriptCTF 2025/

pdf

·
For 100pts 508 Solves Pdf
subzcuber
Author
subzcuber
i like to imagine i’m funny

Author: Connor Chang

so sad cause no flag in pdf :(

given a challenge.pdf, with the text

no flag here

just below in white font is a red herring

scriptCTF{this_is_def_the_flag_trust}

hidden against the white background, but that’s not the flag

if you open up a pdf you’ll notice they have a lot of “objects” that look like

1 0 obj
<< 
  /somedata
>>
endobj

when you open up the pdf you notice

5 0 obj
<<
  /Type /Annot
  /Subtype /Text
  /Rect [0 0 0 0]
  /Contents (maybe look between stream and endstream)
>>
endobj

which is a helpful “comment” telling you to essentially decode the above stream

4 0 obj
<< /Length 48 /Filter /FlateDecode >>
stream
x+N.,(qq.HI/6/2657(3.7/74O7  %% it has weirder characters actually, my editor is throwing a fit
endstream
endobj

we can extract the hex of that stream from the hexdump or more elegantly match a regular expression as in this gist (you can guess which i ended up doing)

here’s my solve too

solve.py
1
2
3
4
5
6

import zlib

stream_hex = "789c2b4e2eca2c28710e71ab2e48498b2f362f3236c9358d3728332e8a372f37344fce88372d018915d7020047020ed4"

data = bytearray.fromhex(stream_hex)
print(zlib.decompress(data))
scriptCTF{pdf_s7r34m5_0v3r_7w17ch_5tr34ms}

some pdf resources

Reply by Email

Related

Finders Keepers
For 108pt 141 Solves Stego Steghide Binwalk Foremost
aperisolve ftwwww
Adventure Time
For 125pt Strings
adventure time made me cry (multiple times)
Introverted Bocchi
For 290pt Binwalk
yellow dorito girl is me (i play the drums)