Hack You CTF 2012 - Halloween (STG200)

Note: images are missing in this blog post. The only piece of the puzzle we were given was an image file. The distinguishing feature for this picture is that there are a lot of blacks in the palette.

That is, there are a lot of black spots for hiding secret messages in. The way we originally solved this was to obtain the original image. Using Google Images image search to identify where the original came from, we find a very promising site.

Grabbing the file, we then proceeded to use the ImageMagick suite that comes with Ubuntu to compare the two images.

amon@Alyx:~/hackyou/stg200$ compare nstg200.png stg200.png compare.png -compose
Src -highlight-color White -lowlight-color Black compare2.png

The compare command generates a third image amplifying the difference between the two source images.

The secret key appears to be in some form of encryption or encoding: symbols (: and .) grouped in sets of seven. We took these symbols to represent binary (: for 1 and . for 0) and placed them in a file (secret).

1100001 1101001 1101110 1110100 1011111 1100001 1100110 1110010
1100001 1101001 1100100 1011111 1101111 1100110 1011111 1101110
1101111 1011111 1100111 1101000 1101111 1110011 1110100 1110011

Then we wrote a simple python script (solve_stg200.py) to convert these bit strings to bytes and then to ASCII characters:

secrets = file("secret").read().split()
print "".join(chr(int(i, 2)) for i in secrets)

The script in action:

amon@Alyx:~/hackyou/stg200$ python solve_stg200.py
aint_afraid_of_no_ghosts
amon@Alyx:~/hackyou/stg200$

We also did some other tests on the original image. Adjusting the colours in GIMP by playing around with levels a bit and saving a more red rich image and performing the above process again also yielded the same result.

Flag: aint_afraid_of_no_ghosts