The first part was asking us to use Visual Hashing chrome extention.

Looking into the source AppData\Local\Google\Chrome\User Data\Default\Extensions\lkoelcpcjjehbjcchcbddggjmphfaiie\1.0.1_0 we understand how the colors are generated :

visualhash.js
```
function updateVisualHash(elem) {
if (elem.value == '' || elem != document.activeElement) {
restoreBackgroundColor(elem);
return;
}
var passwordHash = SHA1(elem.value);
var elemWidth = Math.max(elem.clientWidth,elem.offsetWidth);
var elemHeight = Math.max(elem.clientHeight,elem.offsetHeight);
elem.style['backgroundImage'] = 'url(' + getDataURLForHash(passwordHash,elemWidth,elemHeight) + ')';
}
```
utils.js
```
function getDataURLForHash(passwordHash,inputWidth,inputHeight) {
var win = window;
try {
win = unsafeWindow;
}
catch(e) {}
var canvas = win.document.createElement('canvas');
canvas.height = inputHeight;
canvas.width = inputWidth;
var context = canvas.getContext('2d');

passwordHash = randomizeHash(passwordHash);
/* This is where the 4 colors are calculated */
for (var hashBandX = 0; hashBandX < 4; hashBandX++) {
context.fillStyle='#' + passwordHash.substr(hashBandX*6,6);
context.fillRect(hashBandX/4*inputWidth,0,inputWidth/4,inputHeight);

context.fillStyle='#000000';
context.fillRect(((hashBandX+1)/4*inputWidth)-1,0,2,inputHeight);
}

context.strokeStyle='#000000';
context.strokeRect(0,0,inputWidth,inputHeight);

return canvas.toDataURL();
}
```
From the available image, we know len(flag) = 11 so we can brute force on "INSA{"+alpha(5)+"}"
I used Paint.net to get the 4 colors rgb bytes.
There's a piece of randomness to the implementation (randomizeHash(passwordHash) = +/- 9 per color) so any "best" number between 0 and 36 should be fine.

solution.py
```
import hashlib
import itertools

choices="azertyuiopqsdfghjklmwxcvbn0123456789_"

color=[]
color.append([29,156,13])
color.append([181,88,85])
color.append([188,100,120])
color.append([160,71,220])

print(color)
best=None
bestColorDiff=999;
for password in itertools.product(choices, repeat=5):

a = hashlib.sha1(("INSA{"+''.join(password)+"}").encode('utf-8')).hexdigest()
max=0
for i in range(4):
cur=a[i*6:i*6+6]
val=abs(int(cur[0:2],16)-color[i][0])+abs(int(cur[2:4],16)-color[i][1])+abs(int(cur[4:6],16)-color[i][2])
if val > max:
max=val
if max < bestColorDiff:
best=("INSA{"+''.join(password)+"}")
bestColorDiff=max
print("New best : "+str(bestColorDiff)+" > "+best)
```
python solution.py (started with letter h afterwards)
```
New best : 366 > INSA{hhhhh}
New best : 295 > INSA{hhhha}
New best : 251 > INSA{hhhhz}
New best : 243 > INSA{hhhh4}
New best : 221 > INSA{hhha6}
New best : 212 > INSA{hhhz1}
New best : 209 > INSA{hhhec}
New best : 203 > INSA{hhhrf}
New best : 199 > INSA{hhhrg}
New best : 158 > INSA{hhhr5}
New best : 156 > INSA{hhhr8}
New best : 147 > INSA{hhaiw}
New best : 122 > INSA{hhamt}
New best : 116 > INSA{hhjvs}
New best : 108 > INSA{hhvgo}
New best : 103 > INSA{hh3uz}
New best : 100 > INSA{haenl}
New best : 91 > INSA{halvn}
New best : 85 > INSA{heqvb}
New best : 81 > INSA{hqu65}
New best : 25 > INSA{hctib}
```
INSA{hctib} it is !