Hack The Vote 2016 CTF Warpspeed [forensics150]

John Hammond · Intermediate ·🔐 Cybersecurity ·9y ago

Key Takeaways

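Solves the 150-point forensics challenge Warpspeed by scripting, in Python, the reversal of two effects applied to a JPEG image: a per-row roll and an alternating shuffle.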

Full Transcript

Hey, what's going on everybody, my name is John Hammond, welcome back to another video. Still showing off the Hack The Vote CTF, the capture the flag competition that was going on this past weekend, on November 4th to November 6th. Uh, I didn't solve a whole ton of challenges and I'm, uh, recording these videos in advance, so it is still Saturday, although I want to show off next, that's 150 point forensics question. It got a lot of solves, 290, because it wasn't extremely difficult, it just took a little bit of scripting.

Um, so the challenge is called Warp Speed and it says "our Trump advertising campaign is incredible, it's skyrocketing, it's astronomical, wait, slow down", et cetera. Uh, so we get this file, warp speed, and it's a JPEG image and it's crazy jumbled up and messed up. So I see clear text here, I see the word Trump, and I don't know what stuff is over on the side here, and I'm curious what all, uh, this is, although I think I see like the beginning letters f, l, a, g for flag. So this we clearly have to be able to like decipher in some way.

So what I'm going to end up doing is going ahead and, uh, starting to script this solution. I admittedly have already solved this, because I have the flag and that's why I'm recording this write-up, but I want to just showcase the code that I wrote, the simple Python stuff that I whipped out. So I won't go into too much depth as to how I ended up like viewing all of this, although admittedly I just like open it in KolourPaint and tried to the widths and heights and, uh, mentally piece together what has been done the image.

But anyway, let's just create a hack the vote, uh, directory. Uh, we'll get in there and we'll make directory for warp speed, and then we'll save this image totally in there, uh, hack the vote, warp speed, and I'm just going to call this, uh, warp speed.jpeg. I'll remove the hash in here. Cool. So now let's start up, uh, Sublime Text and I'm going to create a new script in my hack the vote warp speed ap. Python, and I'll zoom in a bit so you can actually see this stuff. Throw my shebang line as usual, and hopefully I can whip this stuff out.

So I use Python's imaging library, Python Image Library, PIL, and all I actually need from it is the, uh, Image portion, and I go ahead and open the thing, warp speed.jpeg. This should be, um, capital Image, and I'll just call it image. Okay, and admittedly while I was checking out the file in KolourPaint, that's not KolourPaint, I saw all of the bars for one thing are shifted, they're offset, like each row is offset by about each, okay, so each row is eight pixels high for one thing. I saw that by putting in grid mode and examining each like section. You can see just down at the bottom I've selected about eight, I don't know if you can barely see that, and they've all been like rolled to the left.

So I ended up like assuming if I take this like 32 times, I'm sorry, I take this 500 like width image, roll about eight times for each one, I went through about 32 iterations of it. So I did a for loop here and I ended up cropping each like portion, cropping each section, I actually just called it region, and I did image.crop starting from the very left, going from that 8 width pixel high in each like 32, or like the multiplication iteration of how far I'm going, and then I got the entire image, which the width was about a thousand, and again I did the next portion of that, that height eight, and then I just, I multiplied it by one here, so it got that box, it got each region, the 8 bit portion, and it shifts it over. What I'm going to end up doing is I'm going to move that onto and roll it back out and paste it backwards pretty much. Again I'm just using eight times i to index each call, or each row, times i, and 8 times i plus one because we want to move on to the next row.

So now I want to check out that image or see what we have so far. I'll run this, and I can't really zoom in that well, but hopefully you can see that okay. Now Trump is aligned and the November 28th, or whatever that actually is supposed to say, is put together, and now I notice, again I can't zoom in this, I'm sorry, uh, but it looks like they're kind of shuffled, like each column has now been shuffled a little bit. I see like the start of a curly brace beginning here and the next end of a curly brace on the other side, like see this start of an end, the very top here on the right is missing on the left. It's like each one of them has been shuffled in an alternating order, because you see this pattern going back and forth throughout it.

So then I whipped out some quick, another strange kind of loop to, uh, to put those together, and the width of the image now is still a thousand, so since there are two of them and I'm trying to just jam them together, I ended up creating a like 500 by 500 image. So I do that here, I call it image two. Gosh, I should learn to type again. I just said I use 500 by 500 image, and I alternated through those 32 rows again, uh, but I just use like a quick, again this is the quick code that you write during a CTF, I determine whether I was using like a first half by like a Boolean, and I did this by, uh, for i in range 64 this time here. Actually I think it was Q, I did like, yeah, I used an i and a q. I like used a while loop because I wanted to keep track of two different variables at the same time.

So while i is less than 64, what I ended up doing was I would determine, okay, is this the first half, is my thing still true, and I grabbed the region again, image.crop, this time again the 0, 8 times the row or the column that I'm actually looking at, sorry, the row I should say, again 500 being my width, and I get the height of it being, or my Y2 in this case, being 8 times it, etc. I do an else in case it's not, because I'm alternating with every iteration, so I'll toggle that first half Boolean value, and I go from the 500 end, because when it's, you know, X2 or X1 X2 for these values. You can check out the documentation for, um, image.crop if you need to, but it just takes an X1 X2 Y1 Y2 for the section or the selection that's actually trying to crop out, and region is variable I end up creating, and then we just paste it onto the Q that we're working through each time, which I just use to index each individual row, since now they're being combined. You know, again I'm just putting them all in one, that's why I only go from zero to 500 for the X values, and now my Q iterates after each row that I do, after I've determined what the region is, and I'll toggle that first half variable so it alternates each row as I go through it.

Now we should be able to image two.show, because that's the one that we've started to work with, and this is, uh, somewhat readable. I would again try to zoom in on this for you, but flag, uh, Elite photo skills. I'll save this so you can see it a little better, winner jpeg. Okay, so now we can get to our terminal and we can eog winner once I'm in warp speed, and I'll zoom in on this. Can I rotate it for you? Rotate clockwise, dang it, I chose the wrong one. Okay, now you can see flag 337 like leite leite Photo skills sk1 or maybe one ll5 lead photo skills, and that's our flag to submit.

Crazy, pretty disgusting Python code, uh, but again it's the kind of thing that you whip out during a CTF. So thanks for watching guys, hope you enjoyed it. Uh, really it was just two effects that I was trying to unwrap or unravel for getting the flag: that roll effect by offsetting each of the rows, and then that shuffled card effect, since they're like alternated in one side to another. So hope you guys enjoyed and, uh, I'll see you in the next video. Bye.
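The two stages described in the transcript, written as an added example (not the code from the video). It uses plain lists of pixel rows instead of PIL so it runs without dependencies; each slice corresponds to one `Image.crop` box pasted at a new position. The 8-pixel roll step per band, the function names, and the forward `scramble` used to build constructed test input are assumptions.

```python
BAND = 8   # band height in pixels, as measured in the video
STEP = 8   # extra left-roll per band; assumed from the transcript

def roll(row, n):
    """Rotate one pixel row left by n (negative n rotates right)."""
    n %= len(row)
    return row[n:] + row[:n]

def scramble(img):
    """Constructed forward transform, used only to build test input."""
    bands = [img[y:y + BAND] for y in range(0, len(img), BAND)]
    out = []
    for k in range(0, len(bands), 2):
        # Two consecutive bands sit side by side, then the strip is rolled.
        for top, bottom in zip(bands[k], bands[k + 1]):
            out.append(roll(top + bottom, STEP * (k // 2)))
    return out

def unroll(img):
    """Stage 1: undo the per-band horizontal roll."""
    return [roll(row, -STEP * (y // BAND)) for y, row in enumerate(img)]

def deinterleave(img):
    """Stage 2: left half, then right half, of each band become consecutive bands."""
    half = len(img[0]) // 2
    out = []
    for y in range(0, len(img), BAND):
        band = img[y:y + BAND]
        out += [row[:half] for row in band]   # "first half" branch
        out += [row[half:] for row in band]   # "else" branch
    return out

def recover(img):
    return deinterleave(unroll(img))

def sample_image(width=40, bands=8):
    """Constructed test picture: every pixel encodes its own (x, y)."""
    return [[(x, y) for x in range(width)] for y in range(bands * BAND)]

if __name__ == "__main__":
    original = sample_image()
    mangled = scramble(original)
    print(len(mangled[0]), "x", len(mangled), "scrambled")
    print("recovered:", recover(mangled) == original)
```

Because every constructed pixel stores its own coordinates, a wrong roll direction or a swapped half shows up as an inequality rather than a picture that merely looks plausible.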

Original Description

If you would like to support me, please like, comment & subscribe, and check me out on Patreon: https://patreon.com/johnhammond010 E-mail: johnhammond010@gmail.com PayPal: http://paypal.me/johnhammond010 GitHub: https://github.com/JohnHammond Site: http://www.johnhammond.org Twitter: https://twitter.com/_johnhammond