Wednesday, October 17, 2012

hackyou CTF: Steg 300

This challenge was extremely frustrating. The picture is shown below.


I literally spent days staring at this picture zoomed in all close trying to match up fonts and pixels to try to get the key that was half overwritten. I didn't actually solve the problem until they released the following hint.
"Lucy in the Sky with Balls"
The three letters that are bolded are LSB (Least significant bit) at which point I wrote a quick little python script which converted the LSBs of every pixel into binary which I converted to ASCII. The script is shown below.
from PIL import Image

# Open the image in read mode
im = Image.open('stg300.png', 'r')
# pixels is an object which allows access to
# individual pixels
pixels = im.load()
# Get the size of the picture
width, height = im.size

binary_ans = ''
for y in xrange(height): # Iterate through each pixel
    for x in xrange(width):
        # pixels[x, y] returns a tuple with RGB vals
        blue_pix = pixels[x, y][2] # Get the blue val
        lsb = bin(blue_pix)[-1] # Get the LSB
        binary_ans += lsb # Append the LSB

# This just converts the binary to ASCII
answer = ''
for i in xrange(len(binary_ans)/8):
    answer += chr(int(binary_ans[i*8:i*8+8], 2))

print answer
This script returned the following string, which was hidden in the image over and over again.
4E34B38257200616FB75CD869B8C3CF0 *** Congrats
You win!
The
Flag
is
4E34B38257200616FB75CD869B8C3CF0 *** Congrats
You win!
The
Flag
is
4E34B38257200616FB75CD869B8C3CF0 *** Congrats
You win!
The
Flag
is
4E34B38257200616FB75CD869B8C3CF0 *
-- suntzu_II

No comments:

Post a Comment