BYU CTF 2026 - Inception | kudaliar's blog

Challenge Description

I found this weird file on my computer. I tried opening it, but there were some problems.

We get a single file named inception.

Initial Analysis

file calls it a PNG, but strings and a hexdump show several file formats stacked into one. A file within a file within a file, hence Inception. Locating the signatures:

1
import re
2
data = open("inception", "rb").read()
3
# IEND (PNG end)   @ 815
4
# PK\x03\x04 (ZIP) @ 823   -> contains data.bin
5
# %PDF             @ 964
6
# %%EOF            @ 1617

So there are three payloads in one blob: a PNG, a ZIP appended after it, and a PDF after that. Each holds one part of the flag.

Extraction

Part 1 - the PNG itself. Rendering the image shows text:

1
flag part 1
2
================================
3
byuctf{wh4t_

Part 2 - the appended ZIP. Carve from the PK offset and read data.bin:

1
import zipfile, io
2
pk = data.find(b"PK\x03\x04")
3
z = zipfile.ZipFile(io.BytesIO(data[pk:]))
4
print(z.read("data.bin").decode())
5
# flag part 2
6
# ================================
7
#   th3

Part 3 - the trailing PDF. Decode its FlateDecode content stream:

1
import zlib, re
2
m = re.search(rb"stream\r?\n(.*?)\r?\nendstream", data, re.S)
3
print(zlib.decompress(m.group(1)).decode())
4
# ... (flag part 3) ... (_fr3ak}) ...

Assemble

1
part1: byuctf{wh4t_
2
part2: th3
3
part3: _fr3ak}

Flag

1
byuctf{wh4t_th3_fr3ak}