commit 9b76a554e831186e97820fe8cd45ad28b9a38b2c
Author: Louis Burda <quent.burda@gmail.com>
Date: Mon, 1 Apr 2024 20:43:13 +0200
Add solution
Diffstat:
6 files changed, 28 insertions(+), 0 deletions(-)
diff --git a/chall/description b/chall/description
@@ -0,0 +1 @@
+There is a new variant of a ransomware, messing up my image files. Somebody told me a vital part of forensics is to understand files. Could you help me to recover my image file?
diff --git a/chall/intro-forensics-3.zip b/chall/intro-forensics-3.zip
Binary files differ.
diff --git a/solve/flag b/solve/flag
@@ -0,0 +1 @@
+CSCG{space_space_spaaaace_space!!!}
diff --git a/solve/intro-forensics-3 b/solve/intro-forensics-3
Binary files differ.
diff --git a/solve/out.png b/solve/out.png
Binary files differ.
diff --git a/solve/solve b/solve/solve
@@ -0,0 +1,26 @@
+#!/usr/bin/env python3
+
+import binascii
+
+header = b"\x89\x50\x4e\x47\x0D\x0A\x1A\x0A"
+data = open("./intro-forensics-3", "rb").read()
+assert(data[:len(header)] == header)
+
+pos = len(header)
+chunks = {}
+while pos < len(data):
+ start = pos
+ clen = int.from_bytes(data[pos:pos+4], "big")
+ pos += 4
+ ctype = data[pos:pos+4]
+ pos += 4
+ cdata = data[pos:pos+clen]
+ pos += clen
+ index = int.from_bytes(data[pos:pos+4], "big")
+ pos += 4
+ new_crc = int.to_bytes(binascii.crc32(data[start+4:start+8] + cdata), 4, "big")
+ chunks[index] = data[start:start+8] + cdata + new_crc
+
+chunks = sorted(chunks.items(), key = lambda x : x[0])
+data = header + b"".join([v for k,v in chunks])
+open("out.png", "wb+").write(data)
