Foreword on the delay.
This write-up arrives late. Very late. In fact, the mission was published… two months ago? Yeah, something like that. It’s solely my own fault for poor time management and few other things, like… laziness, which resulted in this little disaster. Anyway, moving on to the mission!
The mission!
In this mission, as the, well, description stated – we receive a PNG file, so… let’s take a look at it! It’s the first thing to do, right?
much doge, wow
Next up is something I tend to forget to do – use “file”
Okay, so… what to do if we don’t know what to do? Take a look at hex editor, perhaps something is hidden this way.
nah, nothing much
Nothing too interesting to see here. Other than your usual hex rubble and reaffirmation that it indeed is a png file, signature and initial bits.
Okay, so, huh, what do to next? Google for inspiration! This, for example, leads to somewhat interesting links like this. (since it’s not how the message was stored I’ll leave it as an interesting read and not delve into it). Now having googled for a bit and learnt a thing or two, read a couple of stackoverflow questions, it’s probably time to take a brief look at PNG specification, maybe there’s something.
Filtering looks interesting. The filer bit doesn’t have too much possible values(0 - 5) and is applied to every line. Our image is 800 x 800px, so there should be 800 bits. That being said, let’s see what our bits are, then!
which results in
…neat! We may be onto something! Let’s modify our previous script a little, as see how we do.
and the winner, and the winner, and the winner is… (no, it’s not MC Hammer as we definitely not only touched, but tackled this!)
and yes, in fact, this type of mission was used in CONFidence DS CTF / Teaser CTF
at confidence conference in 2015.