Hack The Vote Electioneering Write up

Solved by sh!v

The challenge at the very first look seemed to be too easy. Using binwalk on the png readily showed a zip file with flag.txt.

$ binwalk -e poster.png

DECIMAL    HEXADECIMAL    DESCRIPTION
———————————————————————
0                     0x0                           PNG image, 863 x 922, 8-bit/color RGB, non-interlaced
41                   0x29                         Zlib compressed data, default compression
441703          0x6BD67                Zip archive data, encrypted at least v2.0 to extract, compressed size: 38, uncompressed size: 26, name: flag.txt
441869          0x6BE0D                End of Zip archive

Here came the twist, it was password protected so this wasn’t that easy a challenge. Now I went back to the image and searched for a method to get the password of the zip archive. The basic tools like strings, foremost etc gave nothing. On changing the planes, using stegsolve, at r0, g0 and b0 planes showed some kind of variation at the top corner. The gray bits plane showed those in a better view, so I saved the gray bits image.  Using gimp I calculated the pixel length and breadth of the variation and wrote the script to extract values.

from PIL import Image
import sys

flag_img = Image.open(sys.argv[-1])

w, h = flag_img.size

msg = “”
for y in range(4):
for x in range(44):
r, g, b = flag_img.getpixel((x, y))
if r == 255 or g == 255 or b == 255: msg += str(1)
else : msg += str(0)

print (msg)

The output of the above script gave :

 

$ python extract_first_row.py gray.png

01001001011100100110000101110100011001010100000101101110011000010110011101110010011000010110110101000011011000010110101101100101010010010110110101100001011001110110010100100000

On converting it to ascii from binary gave the password:

IrateAnagramCakeImage

Giving this as the password for the zip file gives the flag.txt.

$ cat flag.txt

flag{4nd_th3_w1nn3r_15…}