Pragyan 2016 - Harry Potter - Steganography

Reading time ~1 minute

HP

Pragyan CTF might not have been on the CTFTime timetable this year but it ran during the week so we took part. We in fact finished 2nd outright with 1251 points. Equal in points to first place but arriving there later and only one challenge remained unsolved.

A minor 35 points for this harmless looking stego challenge so how hard can it be? In fact it was one of the last challenges I solved, probably due to the use of a cipher I had never heard of. It had only a 5% solve rate too so I guess a lot of folks struggled.

Actually before I go into the solution, that was an overarching theme of Pragyan for me, ciphers…. soooo mannnyyyy ciphers. I believe almost every challenge wound up with some ciphertext you had to solve. So it was fun like that.

This begins with an innocent image file which when downloaded quickly gives away a secret:

root@kali:~/pragyan/stego# file HP.png 
HP.png: PNG image data, 385 x 131, 8-bit colormap, non-interlaced
root@kali:~/pragyan/stego# pngcheck HP.png 
HP.png  additional data after IEND chunk
ERROR: HP.png

Using strings we see this…

root@kali:~/pragyan/stego# strings HP.png 
IHDR
...
IEND
wherE ShOUld onE ReaLly lOoK fOr tHis flag

Hmm, at first I extracted the uppercase characters resulting in a “ciphertext” of ESOUERLOKOH. We hammered this string into so many cipher solvers for literally days with no luck.

We then decided to look more into ciphers which involve the way the entire string was encoded, this lead us to the “Bacon” cipher. Using this cipher if we take each lowercase letter to represent an “A” and each uppercase character a “B” we get the string:

wherEShOUldonEReaLlylOoKfOrtHisflag
AAAABBABBAAAABBAABAAABABABAABAAAAAA

Which, using an online solver we get the plaintext “bydelta” which did turn out to be the flag.

RITSEC CTF 2018: Cictrohash

I didn't plan to play this CTF but when I saw this challenge I was a bit hooked. So I ended up competing in it.> See the attached PDF for...… Continue reading

Square CTF 2018: Dot-n-dash

Published on November 15, 2018