Description
The judge for these pictures is a real fan of antiques. Can you age this photo to the specifications? Set the timestamps on this picture to 1970:01:01 00:00:00.001+00:00 with as much precision as possible for each timestamp. In this example, +00:00 is a timezone adjustment. Any timezone is acceptable as long as the time is equivalent. As an example, this timestamp is acceptable as well: 1969:12:31 19:00:00.001-05:00. For timestamps without a timezone adjustment, put them in GMT time (+00:00). The checker program provides the timestamp needed for each.
Setup
Download original.jpg, rename it to original_modified.jpg, and keep a backup.
Install exiftool and a hex editor (Bless works well on Linux).
Solution
- Step 1Set EXIF sub-second fieldsUse exiftool to set SubSecCreateDate, SubSecDateTimeOriginal, and SubSecModifyDate to 1970:01:01 00:00:00.001. The checker verifies each field independently.exiftool -SubSecCreateDate='1970:01:01 00:00:00.001' \ -SubSecDateTimeOriginal='1970:01:01 00:00:00.001' \ -SubSecModifyDate='1970:01:01 00:00:00.001' original_modified.jpg
- Step 2Patch Samsung:TimeStampSamsung embeds Image_UTC_Data########### near the end of the file. Open the JPEG in Bless, locate Image_UTC_Data1700513181420, and replace the digits with 0000000000001 (epoch +1 ms).
- Step 3Submit and verifyPipe the modified file to the uploader, then run the checker to confirm every timestamp matches.nc -w 2 mimas.picoctf.net 57925 < original_modified.jpg \ && nc -d mimas.picoctf.net 50499
Flag
picoCTF{71m3_7r4v311ng_p1c7ur3_12e0...}
Once every timestamp reads 1970:01:01 00:00:00.001, the checker returns the flag above.