Pragyan 2016 - Harry Potter - Steganography

Reading time ~1 minute

HP

Pragyan CTF might not have been on the CTFTime timetable this year but it ran during the week so we took part. We in fact finished 2nd outright with 1251 points. Equal in points to first place but arriving there later and only one challenge remained unsolved.

A minor 35 points for this harmless looking stego challenge so how hard can it be? In fact it was one of the last challenges I solved, probably due to the use of a cipher I had never heard of. It had only a 5% solve rate too so I guess a lot of folks struggled.

Actually before I go into the solution, that was an overarching theme of Pragyan for me, ciphers…. soooo mannnyyyy ciphers. I believe almost every challenge wound up with some ciphertext you had to solve. So it was fun like that.

This begins with an innocent image file which when downloaded quickly gives away a secret:

root@kali:~/pragyan/stego# file HP.png 
HP.png: PNG image data, 385 x 131, 8-bit colormap, non-interlaced
root@kali:~/pragyan/stego# pngcheck HP.png 
HP.png  additional data after IEND chunk
ERROR: HP.png

Using strings we see this…

root@kali:~/pragyan/stego# strings HP.png 
IHDR
...
IEND
wherE ShOUld onE ReaLly lOoK fOr tHis flag

Hmm, at first I extracted the uppercase characters resulting in a “ciphertext” of ESOUERLOKOH. We hammered this string into so many cipher solvers for literally days with no luck.

We then decided to look more into ciphers which involve the way the entire string was encoded, this lead us to the “Bacon” cipher. Using this cipher if we take each lowercase letter to represent an “A” and each uppercase character a “B” we get the string:

wherEShOUldonEReaLlylOoKfOrtHisflag
AAAABBABBAAAABBAABAAABABABAABAAAAAA

Which, using an online solver we get the plaintext “bydelta” which did turn out to be the flag.

DeadFace CTF: Lytton Labs Cryptoware 1

Another great CTF this week with a lot of variety of challenges and very helpful admins. For the second week in a row I'm writing about a...… Continue reading

DigitalOverdose: Time

Published on October 10, 2021

TamilCTF: Ransomware

Published on September 28, 2021