H4CK1T CTF 2016: Algeria – Crypt0P1xels (250 points)


RU: Внедрение новейшей системы шифрования информации как всегда приносило множество проблем одной из известных служб fsi: они потеряли модуль, отвечающий за дешифрование информации. А информация уже была зашифрована! Ваша задача на сегодня: определить способ шифрования алгоритма и декодировать сообщение.

EN: We have received pictures from the enemy companion of the unknown before planet. And we haven’t thought up anything better, than to construct DeathStarV3 (the general was a fan of “Star Wars”) and to absorb energy of the whole planet! And again we are pursued by problems: that we don’t know coordinate! Your task is to determine coordinates of this unique planet (which according to our spy are ciphered in the image). Also he could steal one of the scripts intended for embedding of coordinates. All hope only for you!



After downloading and extracting the challenge file, we are presented two files:

encrypted.png is the following image:


The other file, SECRET_TOOL.py contains code that seems to have been used to create encrypted.png:

As it seems, it created the image pixel by pixel using the putpixel function from the PIL module for Python. This means that, for each pixel, an X and Y coordinate for the pixel must be given, as well as a RGB value for its color.

The first pixel is located at X = 0 and Y = 0, with the first value of the RGB triple indicating the length of the flag. So, if we read the first pixel of the output image (encrypted.png) at location (0,0) and take the first value of the RGB triple, we can see the length of the flag.

Then, the next pixel will be located at the location specified in the second and third value of the RGB triple. After the first pixel, also, the first value in the RGB triple will contain a letter of the flag, encoded using the ord() value in Python. We can reverse ord() using chr().

Shortly, the flag can be obtained by reading the X and Y coordinates from the first pixel (indicated by its green and blue values), and by putting the red value through the chr() function. I used the following code to get the flag:

Let’s try the script above:

So, the flag is h4ck1t{1NF0RM$T10N_1$_N0T_$3CUR3_4NYM0R3}

Leave a Comment

Your email address will not be published.