The HackSecuReims organized a special event which called a CTF (type Jeopardy) but what's it ?

With my brothers Alexis LEBEL and Corentin FREIRE, we've participed to this event with name Peignoir'Bros and we came dressed in bathrobes.

BECAUSE WE LOVE BATHROBES.

In the room, we were about sixty may be seventy and seperated in team of 3 in table with 6blocks. We helped each other for the most hardest levels, and we've the opportunities to discuss with em and others like organizers.

The most interessant part because it's the heart of CTF. From scanning a qrcode to get a flag to writing a program in rust, this CTF have a huge panel of challenges. I'll expose you twos of em'.

First the GIF problem. You have a GIF with a sequence of +1000 frames which itself represents a qrcode. Each frame, when you scanned her, give you one letter from a base64 code which I've to decode him to get the flag. But to have the correct code, I was not going to scan every single frames. So I automatised the code with Python.

1from os import listdir
2from PIL import Image
3from pyzbar.pyzbar import decode
4
5def get_index(x): #function to sort the list of images
6  return(x[6:10])
7
8message = ''
9gifs = sorted(listdir('/home/hakka/Downloads/gifs/'), key=get_index)
10
11for gif in gifs:
12  message += decode(Image.open(f'/home/hakka/Downloads/gifs/{gif}'))[0].data.decode('utf-8')
13
14print(message)

So when this script was executed, he returned to me the base 64 code, so I went to Base 64 Decoder to decode it and get the flag.

The second one was the OCR Reload. It was my first approach with OCRs. I spent 3 hours on it ahah but I was happy to pass it.

I programmed twos differents codes to pass this challenge. First is with pytesseract whichis specialized in OCR.

1from os import listdir
2from PIL import Image
3import pytesseract
4
5def get_index(x): #function to sort the list of images
6  return(x[6:1O])
7
8message = ''
9imgs = sorted(listdir('/home/hakka/Downloads/imgs/'), key=get_index)
10config = r'--oem 3 --psm 10' #config needed to OCR
11for img in imgs:
12  im = Image.open(f'/home/hakka/Downloads/imgs/{img}')
13  character = pytesseract.image_to_string(im, config=config)
14  message += stri.strip()[0]
15
16print(message)

The first one worked almost to the excpetion of 2-3 characters that were fighting, so I decided to retry with an another method.

The second one is with the hashes of images. For example if imgs folder contains 2 imgs with a inside, they'll have the same hashes. So I created a code to compare the hashes of images and I stored them in a dict. For doing that, I used ImageHash

1from os import listdir
2from PIL import Image
3import imagehash
4
5def get_index(x):
6  return(x[6:10])
7
8hashes = {} # ex {'a': 'vreveve33klkn2'} key: character, value: hash
9message=''
10ims = sorted(listdir('/home/hakka/Downloads/imgs/'), key=get_index)
11for img in imgs:
12  im = Image.open(f'/home/hakka/Downloads/imgs/{img}')
13  im_hash = imagehash.dhash(im) # can use phash too
14
15  if im_hash in hashes.values():
16    for key, value in hashes.items():
17      if im_hash == value:
18        message += key
19        break
20  else:
21    newKey = str(input(f'Enter one key for {img}: '))
22    hashes[newKey] = im_hash
23    message += newKey
24
25print(message)

And it's worked. The other challenges was cool too and some were unfortunately impossible because I had not the required skillset.

Like everyone in this event, I am happy to have been able to participate in such an event. I don't regrets anything. I'm looking forward to next year's and this time coming back much stronger.

Thanks to all.