hidden.txt now contains:
DECIMAL HEX DESCRIPTION 0 0x0 PNG image, 256 x 256, 8-bit/color RGBA, non-interlaced Extract the PNG:
Good luck, and happy hunting!
[LSB] bpp: 8, plane: 0, offset: 0, bits: 1, 0x30 bytes hidden (ASCII) Extract the LSB stream:
# 2. Extract inner archive (no password) unrar x inner.rar flatpack-522.rar
$ binwalk -e mystery.bin This creates a folder _mystery.bin.extracted containing 00000000.png . Open it:
# 4. Unpack the binary blob binwalk -e mystery.bin > /dev/null hidden
$ unrar x -p522 flatpack-522.rar Result: – the archive opens, extracting a single file named inner.rar . 3.2 Confirmed Password The correct password is 522 (the numeric suffix of the archive’s name). (If you want a more systematic approach, you could also script a quick for i in 0..999; do unrar x -p$i ... && break; done loop.) 4. Analyzing inner.rar The newly extracted inner.rar is again a RAR5 archive, but this time it is not encrypted .