# Security Home Cameras Write-up

### Initial Exposure

The first step is to download the encoded png file `secret_encrypted.png`. Notice that the file doesn't open in any image viewer, which menas that the header has been changed. Open the png in a hex editor and look at the first few bytes.

The first 8 bytes are
`76 AF B1 B8 F2 F5 E5 F5`

### PNG Basics

Here it helps to know a little bit about how png files work. [See this webpage for more info.](https://www.w3.org/TR/PNG-Structure.html) According to the spec all png files should start with:
`89 50 4E 47 0D 0A 1A 0A`

Now we can compare the bytes to get some clues as to how the file is encrypted.

### Breaking the Encryption

`76 AF B1 B8 F2 F5 E5 F5` | Encrypted Header
`89 50 4E 47 0D 0A 1A 0A` | Real Header

Notice a few things, `0` in the real header always turns into `F` in the encrypted header. Similarly `A` always maps to `5` and `4` to `B`. If we convert these nibbles into binary and compare them the relationship becomes obvious.


Every bit is inverted. Now we just have to write a small Python script to flip all of the bits of the program.


infile = open("secret_encrypted.png","rb")
outfile = open("decrypted.png","wb")
byte = infile.read(1)
while byte:
byte = ~ord(byte)&0xFF
byte = infile.read(1)

This gives us the following image with the flag.

###### Tylor Childers

Original writeup (https://github.com/inukai132/ctfWriteups/blob/master/2017/kaspersky/300SecurityHomeCameras.md).