basketball-scholar Write-up

# basketball-scholar Write-up > From: b01lers CTF 2024 > Tags: misc > Problem statement: > I saw my classmate doing homework in the stadium instead of watching the basketball game (what a nerd!). I texted him and asked if he could share his answers. Instead of texting them to me, he pulled a piece of paper, wrote answers on it, then crumpled and tried to tossed it to me across the court. It (obviously) was a bad idea; it almost hit our mascot Purdue Pete! (Picture source: https://www.wthr.com/article/news/local/purdue-pete-named-creepiest-mascot-in-america/531-5e9ce5b9-5fbc-48db-b927-332a8746ec8a) > > Attached file: `pete.png` ![](https://b01lersctf24.storage.googleapis.com/uploads/27d6f21f33043cd1cd0369710f70655b074eeb4be97dd25669541610c85fccfa/pete.png) > > Solved by: Jackylkk2003 ## Yet another stego challenge We apply standard skills that deals with stego challenges. `binwalk`, `file`, LSB, and all others that you can think about. And sadly, no luck. ## Observations This challenge provided an original image. But why do we still have an attached file? Most likely something has changed. Using some tools (such as XOR mode in StegSolve) that shows the differences between 2 images, we can see that there is a diagonal. ![xor](https://hackmd.io/_uploads/ry86-m6zA.png) Alternatively, you can directly see it with bare eyes in the attached image. ![diagonal](https://hackmd.io/_uploads/rySdf7aGC.png) ## Working with the Diagonal So the next problem is, how do we work with that diagonal? The first thing that comes to my mind is the RGB values. However, not much observations there. We should further see that the pixels are not just some random pixels. They are kind of similar to the background (although not very similar). So hiding the flag directly in RGB values is not possible in this case. To hide information and preserve similarity with the background, one way is to use LSB. But first, we should extract these pixels, which can be done using this script. ```python= import numpy import cv2 img = cv2.imread("pete.png") num = 184 # Can be larger actually, just not too large img = img[range(0, num * 3, 3), range(2, 2 + num * 3, 3), :].reshape(1, -1, 3) cv2.imwrite("flag.png", img) ``` ## Solution Now we can put the resulting image to the tools we have (StegSolve), and then we can get the output: ![output](https://hackmd.io/_uploads/BJdXENTf0.png) Obviously it is a base64 encoded string. Decoding it will give the output: `This HW was too easy bctf{Go_b01lerCTFmakers!}` And the flag is `bctf{Go_b01lerCTFmakers!}`.