Solving Root-Me XORed Picture Challenge

Here‘s a cool challenge by Ryscrow of Root-Me . The challenge says

For this challenge you will need to decypher a simple XORed picture. This BMP picture was mistakenly encrypted. Can you recover it ?

The file name is “ch3.bmp” and let’s open in a hex editor and see. I first inspected the first 20 bytes and we can see a string saying “fallen”. Actually I guessed this key of length 6.

View post on

However to be more sure I used this online xor-cracker

View post on

After that I just wrote this simple program to decrypt πŸ™‚

#include <stdio.h>
#define KEY_LENGTH 6 
* Title: Solving Root-Me XORed Picture Challenge
* Author: Osanda Malith Jayathissa (@OsandaMalith)
* Website:
int main() {
  FILE *fpIn, *fpOut;
  unsigned char key[KEY_LENGTH] = {'f', 'a', 'l', 'l', 'e', 'n'};
  int enc = 0;
  fpIn = fopen("ch3.bmp", "rb");
  fpOut = fopen("flag.bmp", "wb");
  for (size_t i = 0; fscanf(fpIn, "%c", &enc) != EOF; ++i) 
  fprintf(fpOut, "%c", enc ^ key[i % KEY_LENGTH]);   
  return 0;

This is the real image after decrypting πŸ™‚

View post on

Leave a Reply