# Hash Browns ### Challenge Description My friend and me has been playing a game. I am trying to reconstruct an image sent by him. Can you help me? ### Write Up - In this challenge we are actually sending the png image byte by byte. - One byte will be `matched` the other will be `ERROR` byte and thus we need to extract the ascii value of the character using the hash of original byte by brute force. - Using `Scapy` you can extract the data. ```python= from scapy.all import * import hashlib r=rdpcap("p11.pcap") happy=open("flag.png","wb") l=[] for i in range(256): l.append(str(hashlib.md5(str(i).encode()).hexdigest())) for i in range(len(r)): b=len(r[i][TCP].payload) c=str(r[i][TCP].payload) z=c[c.rfind("=")+1:] if(b==14 or b==15 or b==16): happy.write(chr(int(z))) if(b==109): happy.write(chr(l.index(z))) ``` - In the above script we are using scapy to read the data in pcap and if we analyse pcap properly we can find that the length of the `byte matched` packets will be 14 or 15 or 16. - When it comes to the `ERROR` it will be 109. - Using payload we are extracting the data send in packet and convering it into `string` and stored it in the variable c. - In the variable `z` we are storing the value after`=` such that we get ascii value of matched byte or md5 hash of the ascii value of the character. - Finally open the file and write the ascii value in it. - Opening the png gives you the flag. :) ### Flag `inctf{g00d_joB_m4te!!}`