Solving Root-Me XORed Picture Challenge

Here‘s a cool challenge by Ryscrow of Root-Me . The challenge says

For this challenge you will need to decypher a simple XORed picture. This BMP picture was mistakenly encrypted. Can you recover it ?

The file name is “ch3.bmp” and let’s open in a hex editor and see. I first inspected the first 20 bytes and we can see a string saying “fallen”. Actually I guessed this key of length 6.



However to be more sure I used this online xor-cracker

After that I just wrote this simple program to decrypt 🙂

#include <stdio.h>
#define KEY_LENGTH 6 
/*
* Title: Solving Root-Me XORed Picture Challenge
* Author: Osanda Malith Jayathissa (@OsandaMalith)
* Website: https://osandamalith.wordpress.com
*/
int main() {
 
  FILE *fpIn, *fpOut;
  unsigned char key[KEY_LENGTH] = {'f', 'a', 'l', 'l', 'e', 'n'};
  int enc = 0;
 
  fpIn = fopen("ch3.bmp", "rb");
  fpOut = fopen("flag.bmp", "wb");
 
  for (size_t i = 0; fscanf(fpIn, "%c", &enc) != EOF; ++i) 
  fprintf(fpOut, "%c", enc ^ key[i % KEY_LENGTH]);   
  
  fclose(fpIn);
  fclose(fpOut);
   
  return 0;
}

This is the real image after decrypting 🙂

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s