概述
HackTheBox 网站CTF靶场杂项(Misc)相关题目blackSquare,题目地址https://app.hackthebox.com/challenges/blacksquare,主要考察图片隐写术和摩斯码的知识点。
解题
题目概述
下载附件得到blackSquare.zip,解压缩得到blackSquare.png
使用file
查看文件类型,为png图片
解题过程
使用exiftool
查看图片信息
使用StegSolve,在Grey bits中发现线索
放大查看
典型的摩斯码,对应的字母与符号如下
编写python脚本
import re
import sys
import string
from PIL import Image
morseAlphabet = {"A": ".-","B": "-...","C": "-.-.","D": "-..","E": ".","F": "..-.","G": "--.","H": "....","I": "..",
"J": ".---","K": "-.-","L": ".-..","M": "--","N": "-.","O": "---","P": ".--.","Q": "--.-","R": ".-.","S": "...",
"T": "-","U": "..-",V": "...-","W": ".--","X": "-..-","Y": "-.--","Z": "--.."," ": "/","1" : ".----","2" : "..---",
"3" : "...--","4" : "....-","5" : ".....","6" : "-....","7" : "--...","8" : "---..","9" : "----.","0" : "-----",
".": ".-.-.-",",": "--..--",":": "---...","?": "..--..","'": ".----.","-": "-....-","/": "-..-.","@": ".--.-.",
"=": "-...-"}
inverseMorseAlphabet = dict((v, k) for (k, v) in morseAlphabet.items())
def decodedMorse(message):
msgSeparated = message.split(' ')
decMessage = ''
for char in msgSeparated:
if char in inverseMorseAlphabet:
decMessage += inverseMorseAlphabet[char]
else:
decMessage += '<CNF>'
print ("decMessage= ", decMessage)
return decMessage
image = Image.open("blackSquare-filterd.png")
rgb = image.convert("RGB")
width, height = image.size
myString = ""
for y in range(0, height, 1):
myString += "\n"
for x in range(0, width, 1):
pixel = rgb.getpixel((x,y))
myString += ("0","1")[pixel[0] == 255]
myString = (myString.replace("0001", "-"))
myString = (myString.replace("01", "."))
myString = re.sub('1+', ' ', myString)
myString = re.sub('\s+', ' ', myString)
myString = myString.strip()
print(myString)
decodedMorse(myString)
运行脚本即可得到包含flag的字符串。