RingZer0 – Cryptography – Fashion Victim
Objective:
Get the flag
Solution:
On this page we see a picture of a on old apple computer
with the tag of The New Apple TV across the top, with snow playing on the
screen
The source for the page is pretty basic, just loading a
background image and the gif of snow.
<!DOCTYPE html>
|
|
<html>
|
|
<head>
|
|
<title>The new Apple TV</title>
|
|
</head>
|
|
<body>
|
|
<style type="text/css">
|
|
body { background-color: #5c3302;
}
|
|
h1 { color: white; }
|
|
.tv { position: relative; margin:
auto; margin-top: 20px; width: 471px; height: 616px; background-image:
url(/images/mac.png); }
|
|
.screen { width: 322px; height:
237px; position: absolute; left: 72px; top: 80px; }
|
|
</style>
|
|
<center><h1>The new
Apple TV</h1></center>
|
|
<div class="tv">
|
|
<img src="/images/tv.gif"
class="screen" />
|
|
</div>
|
|
</body>
|
|
</html>
|
|
I was pretty stuck here and had no idea what to do, so I
googled around for a starting point and came across this thread on reddit
The comment from Pharisaeus got me going down the right
track
Basically he points out the fact that a gif is just a series
of static images and its possible to extract them.
So I downloaded the GIF and uploaded it to this website which
split it out for me into individual frames
Armed with that and the comment about trying to XOR the
images, lead me to believe that somewhere in these thirty frames I might be
able to combine two in such a way that I might see something in the resulting
file
Now I spent the better part of a morning learning how to
manipulate images in python and brushing up on file manipulation in windows
with python too
I decided to create a script that would take each file
combine it with another file and output them to a folder
Psudo logic take frame 1 overlay frame 2 write it to a file
then, frame 1 overalyed with frame 3 write it to file… rinse and repeat for
every combination that could made of two of these files.
I came up with the python script that does that
import os
from PIL import Image
#load the frames into a list
mylist = os.listdir('C:\\Temp\\frames')
#set a starting path for the original frames
OrigPath = ('C:\\Temp\\frames')
ListLength = len(mylist)
ListLength = ListLength-1
print("Count is: ",ListLength)
counter = 0
while counter < ListLength:
#defin a new path
for where we will output the combined files
newpath =
"C:\\Temp\\frames\\" + str(counter)
counter_nested = 1
#make a new folder for each starting frame
os.mkdir(newpath)
while
counter_nested < ListLength:
tempbackground
= OrigPath + "\\" + mylist[counter]
tempoverlay =
OrigPath + "\\" +mylist[counter_nested]
background =
Image.open(tempbackground)
overlay =
Image.open(tempoverlay)
background =
background.convert("RGBA")
overlay =
overlay.convert("RGBA")
new_name =
mylist[counter] + " " + mylist[counter_nested]
#create new
name for combined file and write to disk
new_fullpath =
newpath + "\\" + new_name +".png"
print("writting file : ",new_fullpath)
new_img =
Image.blend(background, overlay, 0.5)
new_img.save(new_fullpath,"PNG")
counter_nested
+=1
counter +=1
So now what I have is a directory with a sub directory for
every starting frame, contained in there is an overlay for each of the frames
combine with the starting frame
Now I just manually looked at the resulting combined images
to see if any of them was anything but snow.
In the first folder 0
I see a face in file Frame_00 Frame_06.png
So with that I’m pretty sure that my assumptions were correct,
I just had to look at the resulting 870 pictures till I find something that can
point me to the flag
I found it in folder 17
File frame_17 frame_25 I see this picture wit the flag
information
Flag-AcsW3fK9NxJMn2
Comments
Post a Comment