This question has been done for several hours, because there is no writeup, I explored little by little, and wrote out the ideas of the question for everyone to exchange.
First of all, this is a zip.rar compressed package. The first step after downloading is to drag it into the hexeditor to observe and check whether there is any problem with the head and tail structure of the file. According to the file header, it is judged that this is a zip compressed file, change the suffix name to zip, and decompress it directly. Get a directory, there are two files flag.rar and flag.txt in the directory, the flag.txt file is very small, and the binary and attribute contents are checked to determine that there is no hidden information, so the focus is flag.rar
Open flag.rar and report an error, saying that the header of the secret.png file is damaged, and then there is no such file name in the rar dialog box, you cannot use the file repair function that comes with rar, then drag it into hexeditor to repair it yourself
The first step is to observe the rar file header, there is no problem, it is very correct, then look at the encrypted file part, check the file header of each file, and see that I have repaired it is a83c74, the first two bytes are crc32, and the last byte 74 is The header type of the compressed file, yours is definitely not 74 because you haven't repaired it yet. After repairing, the crc32 is usually calculated. Fortunately, the last two details of the crc32 are a83c, so you don't need to change the crc. After saving, decompress and decompress Get a gif of a white flower
What is the password for this picture? stegsolve opens the picture and finds that the R channel contains half a QR code
What about half of the gif? Look at the two frames of this gif again, it's easy to say, each frame is half a QR code, and the two frames are all together. Photoshop separates the two frames of the gif, and then observes the two frames hidden in each color channel. QR code, get the following QR code
This is almost the same. If you spell it together, you cannot scan it together, because the positioning of the upper two corners of the QR code is released and erased. Use the copy in the lower left corner to make up, so that the flag can be scanned. If you can't scan it with your mobile phone, recommend a tool 'computer desktop QR code scanning artifact'. Since it is said that it is magical, it must be more powerful than mobile phone scanning. If there is any noise, just ignore it, and now there is a flag.
This QR code was modified and blacked out by me, so it can't be scanned directly. You can try it out. You know that you have to do it. The final flag is flag{yan.......... .}, the ellipsis needs to be replaced with your own flag
I don't know if you have the tools mentioned in the article. If not, I will add them later.