Solving Root-Me XORed Picture Challenge

Here‘s a cool challenge by Ryscrow of Root-Me . The challenge says

For this challenge you will need to decypher a simple XORed picture. This BMP picture was mistakenly encrypted. Can you recover it ?

The file name is “ch3.bmp” and let’s open in a hex editor and see. I first inspected the first 20 bytes and we can see a string saying “fallen”. Actually I guessed this key of length 6.

However to be more sure I used this online xor-cracker

After that I just wrote this simple program to decrypt 🙂

#include <stdio.h>
#define KEY_LENGTH 6 
* Title: Solving Root-Me XORed Picture Challenge
* Author: Osanda Malith Jayathissa (@OsandaMalith)
* Website:
int main() {
  FILE *fpIn, *fpOut;
  unsigned char key[KEY_LENGTH] = {'f', 'a', 'l', 'l', 'e', 'n'};
  int enc = 0;
  fpIn = fopen("ch3.bmp", "rb");
  fpOut = fopen("flag.bmp", "wb");
  for (size_t i = 0; fscanf(fpIn, "%c", &enc) != EOF; ++i) 
  fprintf(fpOut, "%c", enc ^ key[i % KEY_LENGTH]);   
  return 0;

This is the real image after decrypting 🙂

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.