Monday, December 26, 2016

3DS CTF 2016

3DS CTF was an interesting CTF, which unlike normal CTFs, went on for a whole week. I had plenty of time to enjoy the challenges. Below are write-ups for some of them.

Stego 100: Excaliflag

The file is a png image with nothing hidden in the binary data. Quick analysis with Steganabara shows that there's not much distortion with the RGB values, this means the flag is either hidden in the LSB values, or an advanced method is used. For only 100 points, of course the former is true.

Playing with the blue bits in Steganabara's Bit Mask Filter and you'll get the flag:

Stego 300: 0liver "Imaged"

By looking at the magic bytes in the binary data, it's easy to see that there is a png image appended at the end of the jpg image. Looking at the png image, it's clear that the flag is hidden in the R and G values of the first few lines. Extract the R and G values and you'll get an ELF file that prints out the flag.

Stego 300: We also have memes!

The flag is hidden in the image using an algorithm in which p and offset are unknown. However, they are small enough to be brute-forced. The flag format is 3DS{}, so this is more like a known plain-text attack with the image as the ciphertext.

(to be continued)

1 comment:

stypr said...

How are you doing? wow, I haven't talked to you for a long time.. :0