[writeup by @ju256]

*CTF:* Kaspersky Industrial CTF Quals 2017

*Team:* Netcat.us

# Security home cameras

## Crypto - 300 points

We're given an encrypted png file. The only thing the description tells us is that the image is from a smart home surveillance camera.

Therefore, the first thing we did, due to the little information, was to open the encrypted image in hexeditor and compare it to a normal png file.


It is interesting to note that for example *0D 0A 1A 1A* (these second four bytes are always the same in png images) is turned in *F2 F5 E5 F5* and *00* is turned in *FF*.

Having that said, we thought that the image was probably encrypted with a substitution cipher or single-byte xor.

The next step was just messing around with the encrypted image to find the way it is encrypted. For example, *0D* xored with *F2* or *0A* xored with *F5* is 255. So we just have to xor each byte from the encrypted image with 255 to get a valid png image.


parts = [f[i:i+2] for i in range(0, len(f), 2)]

for part in parts:
if len(nbyte)==1:


Bingo! A simple but fun task in the end.
FLAG: KLCTF{it_was_just_atbash_encryption}

Original writeup (https://github.com/ju256/CTF/tree/master/Kaspersky%20CTF/Security%20home%20cameras).