Posted on by and filed under CSAW Quals 2016.

With this challenge, they gave us an encrypted png. After a bit of trial and error I realized all I had to do was xor the first few bytes of the encrypted file with the standard header of a png. I just downloaded a sample file. Here is my get_key.py


ecrypted = open('sleeping.png','rb').read().decode('base64')
png = open('sample.png','rb').read()

key = ""
for i in range(0,30):
    key += chr(ord(ecrypted[i]) ^ ord(png[i]))
print key
Which gave me the key:
python get_key.py
WoAh_A_Key!?WoAh_A]?ey#?WoAh_?
Here is my decrypt.py

key = "WoAh_A_Key!?"
encrypted = open('sleeping.png','rb').read().decode('base64')
out = open('decrypted.png','wb')

for i in range(0,len(encrypted)):
    decrypted = chr(ord(encrypted[i]) ^ (ord(key[i % len(key)])))
    out.write(decrypted)
out.close()
Which gave me the image with the flag: View the original post here.