Solving Root-Me XORed Picture Challenge

Here‘s a cool challenge by Ryscrow of Root-Me . The challenge says

For this challenge you will need to decypher a simple XORed picture. This BMP picture was mistakenly encrypted. Can you recover it ?

The file name is “ch3.bmp” and let’s open in a hex editor and see. I first inspected the first 20 bytes and we can see a string saying “fallen”. Actually I guessed this key of length 6.

View post on imgur.com



However to be more sure I used this online xor-cracker

View post on imgur.com

After that I just wrote this simple program to decrypt 🙂

[code language=”C”]
#include <stdio.h>
#define KEY_LENGTH 6
/*
* Title: Solving Root-Me XORed Picture Challenge
* Author: Osanda Malith Jayathissa (@OsandaMalith)
* Website: https://osandamalith.wordpress.com
*/
int main() {

FILE *fpIn, *fpOut;
unsigned char key[KEY_LENGTH] = {‘f’, ‘a’, ‘l’, ‘l’, ‘e’, ‘n’};
int enc = 0;

fpIn = fopen("ch3.bmp", "rb");
fpOut = fopen("flag.bmp", "wb");

for (size_t i = 0; fscanf(fpIn, "%c", &enc) != EOF; ++i)
fprintf(fpOut, "%c", enc ^ key[i % KEY_LENGTH]);

fclose(fpIn);
fclose(fpOut);

return 0;
}
[/code]

This is the real image after decrypting 🙂

View post on imgur.com

Leave a Reply