Lost document - Author's solution to the task
We’ve got an encrypted file flag.ppm.enc. According to the task instructions,
the file was encrypted using AES-256-ECB.
Knowing that ECB isn’t very safe when it comes to uncompressed images (such as
.ppm), we can exploit this. Because ECB encrypts each block independently with
the same key, identical plaintext blocks produce identical ciphertext blocks,
so in large files like images the patterns of the original remain visible.
Therefore, we need to open the file. This is obviously not possible in its
current state, since the header was encrypted along with the pixel data and the
file no longer has readable metadata such as dimensions or colour depth.
We can use, for instance, GIMP to create this metadata for us by creating an
empty image (./solve/metadata.ppm). Then we need to transfer this metadata
to the ./solve/flag.ppm.enc file:
cd ./solve
head -c 63 metadata.ppm > tmp # Save the first 63 bytes of metadata.ppm (the header, including its trailing '\n')
(cat tmp; dd if=flag.ppm.enc bs=1 skip=63) > flag.ppm # Prepend tmp to flag.ppm.enc minus its first 63 bytes and write the result to flag.ppm
Now we should be able to open the resulting file flag.ppm normally:
open ./solve/flag.ppm
Of course, the image dimensions don’t always have to be 1920x2560 (even though
they are the default in most image manipulation apps). In that case we can
either try some common sizes or write a short script which tries multiple
values of x and y.
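One way to write the short script mentioned above, added here as an example and not part of the original solution. It ranks candidate widths by how often a ciphertext block repeats exactly one row later (most reliable when a row is a whole number of 16-byte blocks, as with 1920 px) and derives the height from the file size; the function names, the candidate list and the `toy_ecb` stand-in used for the constructed sample are assumptions.

```python
import hashlib

BLOCK = 16  # AES block size in bytes

def block_ids(ct):
    """Give every distinct 16-byte ciphertext block a small integer id."""
    seen = {}
    return [seen.setdefault(ct[i:i + BLOCK], len(seen))
            for i in range(0, len(ct) - BLOCK + 1, BLOCK)]

def row_score(ids, width, bpp=3):
    """Fraction of blocks identical to the block one candidate row later."""
    shift = width * bpp // BLOCK  # row length in whole blocks (rounded down)
    pairs = list(zip(ids, ids[shift:])) if shift else []
    return sum(a == b for a, b in pairs) / len(pairs) if pairs else 0.0

def guess_width(ct, candidates):
    """Best-scoring width; ties go to the smaller one, since multiples also align rows."""
    ids = block_ids(ct)
    return max(candidates, key=lambda w: (row_score(ids, w), -w))

def as_ppm(ct, width, skip):
    """Swap the first `skip` bytes (the encrypted header) for a plain P6 header."""
    height = (len(ct) - skip) // (width * 3)  # height follows from the file size
    body = ct[skip:skip + width * height * 3]
    return b"P6\n%d %d\n255\n" % (width, height) + body

def toy_ecb(pt):
    """Constructed stand-in for AES-ECB: same block in, same block out (NOT a cipher)."""
    pt += bytes(-len(pt) % BLOCK)
    return b"".join(hashlib.sha256(pt[i:i + BLOCK]).digest()[:BLOCK]
                    for i in range(0, len(pt), BLOCK))

def demo():
    """Constructed 48x40 sample: white page with a black vertical bar."""
    w, h = 48, 40
    row = b"\xff" * 3 * 12 + b"\x00" * 3 * 20 + b"\xff" * 3 * 16
    header = b"P6\n%d %d\n255\n" % (w, h)
    ct = toy_ecb(header + row * h)
    return guess_width(ct, [32, 40, 48, 64, 96]), as_ppm(ct, w, len(header))

if __name__ == "__main__":
    width, ppm = demo()
    print("guessed width:", width, "- output bytes:", len(ppm))
```

For the real file, read flag.ppm.enc as bytes, pass a list of common widths to `guess_width`, and write `as_ppm(ct, width, 63)` to disk; a slightly wrong `skip` only shifts the picture, it does not hide the pattern.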