Blasphemy

Challenge:

We intercepted this image from a user on Ghost Town. Some kind of tool was used to hide a file in this image.

Solution:

Given the challenge description "Some kind of tool was used to hide a file in this image" prompted me to try Steghide. The easiest first option was to try the extraction without supplying a password:

$ steghide extract -sf ../files/witches.jpg

Enter passphrase: 
wrote extracted data to "secret.txt.o".

Success! Viewing the contents of the file revealed the flag:

$ cat secret.txt.o 
flag{950634ccc97ca3ef03e22c759a356973}