This is the other challenge that I wrote for the @bsjtf CTF for BSides Chicago. As this one was also unsolved I wanted to give you a walk through on how to solve this one. The challenge (Lightswitch Matrix) starts with this text:

=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=
BEGIN TRANSMISSION

TARGET: Eagle Weapons and Ammunition
LOCATION: Tybee Island, GA (32° 0′ N / 80° 50′ W)

DETAILS:

Tybee Island is a nice vacation spot. However, we know that there is a rogue operations base being disguised as Eagle Weapons and Ammunition. We intercepted some spreadsheets and the following image. We haven’t been able to make heads or tails of what is going on. We need you to be quick on this one. The last thing we need is an incident at an ammunition factory during a dinner at The Crab Shack.

The file is attached.

Good luck agent!

END TRANSMISSION
=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=

Now, if you have played this CTF before you will know that often times the names of the challenge and the “random” text is not always “random”. There were two very big hints in this write up. First, Lightswitch. On/Off…. The second was “intercepted some spreadsheets”. As this is a steganography challenge, the idea is that something is being hidden inside the attached file.

reboot_movie

You download the image and dump strings or look at it in a hex editor and you will noticed what appears to be binary appended to the png. Also, if you looked at the header where the editor name should be you only see “29×29”. This was your third clue. I also tweeted that out on the bsjtf twitter account.

1511894317reboot_movie_hex2

While this looks like binary, it’s not. Well it is, but it’s the simplest form. On/Off. If you arranged the binary in a 29 column by 29 row matrix you got this.

00000000101000011101000000000
00000000011111101100000000000
00000000110000111110100000000
00000000000000100010000000000
00000000011001110111000000000
00000000110100010010100000000
00000000101010101010100000000
00000000011010111011100000000
10100011010011100100000100101
11110101010111100000110101001
10101011110000010111001000001
10100101001011000010100110010
01011110100101011101101010011
11011000010010001100100101101
10100010001101101011110000101
11110100101010111010100001000
10101010001101100101101011100
00101100000111100000100101101
11011011010110010101001111001
00001001111101000011110101001
11000111011111011100111111101
00000000101010001010100011101
00000000110001101011101010001
00000000001110111001100011000
00000000010011100111111110100
00000000001100100101110101110
00000000110110110001101010011
00000000001010100100011101000
00000000111010011100100101101

Even at a first glance you can tell that there is something there. However very few fonts will give you want you wanted. This is why I hinted at spreadsheets both in the description and on the bjstf twitter account. If you imported this into a spreadsheet you got this. Setting the column width and row height to be the same.

611157499libreoffice_excel

Now, let’s move to the On/Off. The idea here was to turn the 0’s off (white) and the 1’s on (black). Even if you switched black with white it would have still been easily identifiable. This resulted with what is clearly an unfinished QR code.

1520234552libreoffice_excel2

At this point, you only needed to fix the corners and it would be a valid QR code when scanned gave you the flag.

1914866774libreoffice_excel3

flag=NO_ITS_THE_CODE_BREAKER

And there you have it. Go ahead, scan the code.

Share →