The is a follow-on to the first find_the_stack problem from ACSC5. This was originally supposed to be the third one in a series of challenges based on this problem but I had some problems with number two so this became number two.
Problem
Once again, need to find the stack but this time, we’re not looking for an address at all. Find the normal flag (acsc2017{######}).
Go to the next page to see the solution.
Solution
So I will be the first to admit that I could have done a lot better job setting this one up and pointing people in the right general direction. Over the course of the competition, I had to steer people a little bit in the right direction. I had several people who started looking for stenography or other encoding of information in the image. I eventually gave the hint of “Look at how this image is different from the first one” which helped some. If you look, the exif data has been completely removed from this image. Visually, it looks exactly the same (it is). The only obvious difference is the name of the file itself. This file is named 36912733824_35e65a66fc_h.jpg while the original one is named stacks.jpg.
This name is obviously pretty unique, and not likely to be human generated. There are a number of sites out there for sharing photos, among them is Flickr. For a long time Flickr was the standard although it has lost its popularity a bit recently. If you go and pick pretty much any random image on Flickr that allows it to be downloaded, you will notice that the naming convention is pretty similar. You can find a really good write-up here that explains how Flickr names their files and how you can use that. If I follow the directions, and browse to the address http://flickr.com/photo.gne?id=36912733824 it will take you to the page with the image itself. When you get there, you will see the comment with the flag in it acsc2017{FindOtherSources}.
There is no stack. There is only Zuul.