Tags: #3dsctf #stego
Rating:
from PIL import Image
import sys
# Team RTFM - Red Team Freakin' Maniacs - rtfm-ctf.org
# Writeup - We also have memes!- 3DS-CTF
#playing another CTFs, our team discovered an awesome algorithm to hid messages in a PNG file.
#One member of the team told that is possible to improve the algorithm to make it impossible to retrieve the original message directly. So he hiden a message on this meme and gave to us to solve.
#Prove the he's wrong!
def offset(x,y):
of=[]
for i in range(1,4575):
try:
r, g, b = img.getpixel((x+i,y+i))
except IndexError:
break
if "3" in chr(r):
of.append(i)
if "3" in chr(g):
of.append(i)
if "3" in chr(b):
of.append(i)
return of
def result(p,lf,of,x,y,flag):
if p == 0:
for offse in of:
for i in range(lf):
r, g, b = img.getpixel((x+offse,y+offse))
flag+=chr(r)
x=g
y=b
return flag
if p == 1:
for offse in of:
for i in range(lf):
r, b, g = img.getpixel((x+offse,y+offse))
flag+=chr(r)
x=g
y=b
return flag
if p == 2:
for offse in of:
for i in range(lf):
g, r, b = img.getpixel((x+offse,y+offse))
flag+=chr(r)
x=g
y=b
return flag
if p == 3:
for offse in of:
for i in range(lf):
g, b, r = img.getpixel((x+offse,y+offse))
flag+=chr(r)
x=g
y=b
return flag
if p == 4:
for offse in of:
for i in range(lf):
b, r, g = img.getpixel((x+offse,y+offse))
flag+=chr(r)
x=g
y=b
return flag
if p == 5:
for offse in of:
for i in range(lf):
b, g, r = img.getpixel((x+offse,y+offse))
flag+=chr(r)
x=g
y=b
return flag
p=[0,1,2,4,4,5,6]
def flag(img):
width, height = img.size
lf, x, y = img.getpixel((0,0))
of=offset(x,y)
print "LF:",lf,"X:",x,"Y:",y,"Offset:",of
for i in p:
flag=""
try:
print result(i,lf,of,x,y,flag)[:lf]
print "-"*lf
except TypeError:
pass
img = Image.open(sys.argv[1])
print(img, img.mode) # test
flag(img)
