**Description**

> Too much information to decode.

**Files provided**

\- `everywhere.tar.gz` - containing `everywhere`, a JPEG file

**Solution**

The JPEG shows some typical matrix-y green text visuals. Looking at the EXIF
chunks, metadata, and hexdump reveals nothing of interest. Apparently this is
just a JPEG image and nothing more. Based on the hint I tried to extend the
canvas of the JPEG image, but no, there is just enough data encoded to fill
the canvas.

Since the challenge is called everywhere, let's look everywhere. The
background video playing on the actual CTF submission server is also matrix-y.
But it also seems very much like an excerpt from an actual movie (Animatrix
maybe?), so modifying that to include the flag would be a lot of effort.

How about the Internet? Using a reverse image search, we can search for the
picture we have. And there are many matches. [Some of
them](https://manshoor.com/uploads/editor/source/Westworld4%40manshoor.com.jpg?1478435393695)
match the dimensions of our file exactly – 960x678. The matches are found on
regular websites, it would be impossible to sneak a flag in there and expect
people to find it. So after downloading a matching image from the Internet, we
can compare it to the one we've been given. Putting the two in Photoshop one
on top of the other, we can use the "Difference" blending mode to only see
where the images don't match. And indeed, there is a single line that was
added, here made somewhat brigther (hopefully more readable):

![](https://raw.githubusercontent.com/Aurel300/empirectf/master/writeups/2018-05-31-SecurityFest/screens/everywhere.png)

`sctf{y0u_411_100k_th3_54m3_t0_m3}`

(I wonder if anybody solved this by just noticing the flag in the given
image.)

Original writeup
(https://github.com/Aurel300/empirectf/blob/master/writeups/2018-05-31-SecurityFest/README.md#51-misc
--everywhere).