Writeups VeniVidiVici CTF 2020

MISC

Challenge name: RunitifYoucan

In this challenge, Exe file was given to us. On checking it with file command, it showed that it is a data file.

$ file challenge.exe 
challenge.exe: data

I checked the file signatures, and it was not `4D 5A 90 ` (the original hex of exe). It was `53 44 8E`.I tried running the file by changing the file signatures using hexedit, but it did not work. Then I tried XORing the bytes of our file and original exe hex. I found out that bytes are xored with 0x1e (30). Then I made a script.

f=open("challenge.exe").read()
s=""
for i in range(len(f)):
 q=ord(f[i])^30
 if(q==106):
  q=0
 p=hex(q)[2:]
 if(len(p)<2):
  p='0'+p
 s+=p
open("ans.exe","wb").write(s.decode('hex'))

I tried to run it in Ubuntu using wine, but it showed some error, so I just checked the strings with flag format, and I got the flag.

$ strings ans.exe |grep -i “parsec”
Parsec{x0R_oBfUsC@t!0N}

The flag is : Parsec{x0R_oBfUsC@t!0N}

Challenge name: Spaces

By looking at the name of the challenge, it seemed to be whitespace esolang. You can find the challenge file here. I copied the content of the file and used this whitespace decoder. I got a huge binary number.

010100000110000101110010011100110110010101100011011110110110110100110000001001000111010001011111001100010110110101110000011100100100000001100011011101000011000101100011011000010100110001011111001000010110000101101110011001110111010101100001011001110011001101011111010101010010010001101001011011100110011101011111011101110110100000110001011101000011001100100100011100000100000001100011011001010010010001111101

I converted it to the string using online Converter and got the flag :

Parsec{m0$t_1mpr@ct1caL_!anguag3_U$ing_wh1t3$p@ce$}

The flag is : Parsec{m0$t_1mpr@ct1caL_!anguag3_U$ing_wh1t3$p@ce$}

Challenge name: Journey through space-time

In this challenge we were given a zip file which contained 300 jpeg having white dots at random places, you can see one of the photos below

1 of the 300 images in the zip file

To solve this, I made a python script and detected the coordinates of the white dot. The idea is to get all the coordinates and plot them on a new image.

The first step was to make a new image

from PIL import Image
img = Image.new(‘RGB’, (640, 360),(255, 255, 255))
pixels=img.load()

Then we have to open every image and get the white pixel of it

for i in range(300):
 im = Image.open(‘nsW38Dh7Qx’+str(i)+’.jpg’)
 pix = im.load()
 for p in range(640):
 for q in range(360):
 pixel_value=pix[p,q]

The RGB of white dots was not precisely 255, so I allowed pixel value in range 250 to 255. If RGB value is in that range, then we change the color of our new image on that coordinate.

if(pixel_value>249 and pixel_value<=256):
    pixels[p,q]=0

In the end, I saved the new image as answer.jpg.

img.save(‘answer.jpg’)

On running the code, I did not get a clear picture of the flag.

Github Link for the script is here

Image created after plotting all the coordinates

So I tried some online image tools, and by darkening the image, it was a bit more readable (https://pinetools.com/darken-image)

Image after darkening

The flag I got from the image was

Parsec{gla@d_y0u_didnt_f@int}

But it was not correct ! so I messaged the author about the flag, and he said that I am very close to the flag need to change some letters to punctuation marks. So on discussing with my teammates, we tried to change the letter ‘ i ’ to ‘! ’ (exclamation mark) and submitted the flag.

It was correct !!!

The correct flag was : Parsec{gla@d_y0u_d!dnt_f@!nt}

PS: In the starting tried to solve this challenge with ‘ImageMagick’ to stack all the images on the first, but it did not work correctly, so I shifted to python.

We solved many other challenges also, I will try to post the writeups in a few days of those challenges.