Image based coding level

*********** [ADIGA]
6 years ago

1

Will start soon on a new level concept where the user is provided with a link to an image (just random auto generated image) where the password is hidden using the indexes of a certin color.

the user will need to code a program/script to read the image and check for the indexes of that color and exract the password (mostly will be an md5 hash of the pass) then to crack it to solve the level.

it will be timed and the image will keep changing on each attempt to solve it :)

what do you think of this as a level?

to know it i should work on it ot just go read something new ….

32replies
6voices
47views
1image

0

I like any idea used to create new level. xD <3


0

wow……………. new levels !!!!
more score >>>>>>>
lol …………………………………………

[deleted user]
6 years ago

0

Hard one I think but it would be interesting because it’s completely new :)
What programs can be used to read images?

*********** [ADIGA]
6 years ago

0

almost any can do that (php,.net,c/c++,vb,ruby ……) and the list goes on.


0

oops forgot something !
.
.
.
.
.
.
.
.

dude take my karma !!

*********** [ADIGA]
6 years ago

0

flabby, pm me when your online, the script to create the image for the level is done, it will store 2 things in the session for solving the level, should i do the answer checking part too?
besides need to talk about a couple of things before going any further.

*********** [ADIGA]
6 years ago | edited 6 years ago

1

session_start();  
//Coding level 3 for HT, By ADIGA  
// Pass Length ( 6 - 10 ) is the best  
$pass_length = 10;  
//Call Create Pass  
$password = create_pass($pass_length);  
// Creat initial image  
// Image width (fixed 512)  
$width = 512;  
$height = $pass_length;  
$image = imagecreatetruecolor($width, $height);  
for($row = 0; $row < $height; $row++)  
{  
for($column = 0; $column < $width; $column++)  
{  
// The color should not reach 255 as its the key color  
$red = rand(0,250);  
$green = rand(0,250);  
$blue = rand(0,250);  
$color = imagecolorallocate ($image, $red , $green, $blue);  
imagesetpixel($image,$column , $row , $color);  
}  
}  
// Call Mod Image  
foreach($password as $key => $value)  
{  
mod_image($key,$value,$image);  
}  
// Create the password  
function create_pass($pass_length)  
{  
// The time allowed to finish the level in seconds  
$end_time = 120;  
//The chars used in the password  
$passchars = "abcdefghijklmnopqrstuvwxyz";  
for($pass_looper = 0; $pass_looper < $pass_length; $pass_looper++)  
{  
$password[] = $passchars[rand(0,strlen($passchars)-1)];  
}  
$pass = implode("",$password);  
// Setting the results in session for checking later  
$_SESSION['c3_pass'] = $pass;  
$_SESSION['c3_endtime']= time() + $end_time;  
// Return the result  
return($password);  
}  
// modifying the image  
function mod_image($row,$char,$image)  
{  
$char_hash = md5($char);  
$looper = 0;  
for($loop_hash = 0; $loop_hash < 32; $loop_hash++)  
{  
$location = switcher($char_hash[$loop_hash]) + (16 * $looper);  
$red = 255;  
$green = 255;  
$blue = 255;  
$color = imagecolorallocate ($image, $red , $green, $blue);  
imagesetpixel($image, $location , $row , $color);  
$looper++;  
}  
}  
// return hash char index  
function switcher($hash_char)  
{  
switch($hash_char)  
{  
case "0":return(0);break;  
case "1":return(1);break;  
case "2":return(2);break;  
case "3":return(3);break;  
case "4":return(4);break;  
case "5":return(5);break;  
case "6":return(6);break;  
case "7":return(7);break;  
case "8":return(8);break;  
case "9":return(9);break;  
case "a":return(10);break;  
case "b":return(11);break;  
case "c":return(12);break;  
case "d":return(13);break;  
case "e":return(14);break;  
case "f":return(15);break;  
}  
}  
header('Content-type: image/png');  
imagepng($image);  
?>  

0

Let’s tag @flabbyrabbit to make sure he won’t forget this post.

*********** [ADIGA]
6 years ago

0

if any one would like to give any feedback on the script …

Cyan Wind [freewind1012]
6 years ago | edited 6 years ago

0

@ADIGA: Is this intentional or not?
$location = switcher($char_hash[$loop_hash]) + (16 * $looper);
For example:
```
$char_hash = md5(“a”); //0cc175b9c0f1b6a831c399e269772661
for() {
$location = switcher($char_hash[$loop_hash]) + (16 * $looper);
}
/The locations of modified pixels are 0 / 28 / 44 / 49 / 71 / 85 / 107 / 121…/

$char_hash = md5(“b”); //92eb5ffee6ae2fec3ad71c777531578f
for() {
$location = switcher($char_hash[$loop_hash]) + (16 * $looper);
}
/The locations of modified pixels are 9 / 18 / 46 / 59 / 69 / 95 / 111 / 126…/
```
What if someone picks up a wrong location (not a modified pixel) and gets the wrong MD5 hash to decrypt?

*********** [ADIGA]
6 years ago

0

well, if he could read the pixle color right (white) then he should always get a valid hash, if he can not get the pixle color right, he should recode, besids, as a checkup, the user can generate an md5 array of all chars acceptable for the answer an do a compare on each resulting hash, if its not there, he did something wrong.

the ecnryption and decryption should run very fast (for the decryption it can decrypt somewhat big paragraphs in no time if the code written is good with no extra stuff that are not really needed.

the best approch should be able to decrypt a 10,000 chars (alpha small/cabs + numbers + special chars + space and enter) in less than 1 second …

did some tests on the decrypter (no micro time) and it all toke less than 1 second.

*********** [ADIGA]
6 years ago

0

and by international, you mean supports many languages?

if so, it does.
but to make things easier, the allowed chars of the pass can be provided.

Susan S [Trinity]
6 years ago | edited 6 years ago

0

Oh no not one of them: There was one like that on hackthissite and it was a real pain in the butt to solve. Didn’t like it at all. Was too much messing about. So I guess I will need a valium with this one ADGIA ;) Sounds like another sleepless night for me with this one!! I thought you were my friend ADIGA??? :( lol :)

*********** [ADIGA]
6 years ago | edited 6 years ago

0

(if you are below the age of 18) ignore the line below
First thing do you really have boobs? and i do not mean man boobs :P

the lines below cares not for your age….
second thing, its not as hard as the on on hackthissite, it is really a basic concept, easy to code and solve if you understand some key things in the encryptor.

toke me arund 2 hours to think of how the encryptor should work and to code it.
and 20 min to do the decoder.

thinking of upgrading it to a shift in pixles or a change in pixles and actually encrypting an actual image.

Susan S [Trinity]
6 years ago

0

Bit personal there ADIGA?? Have I got Boobs?? Well the last time I looked they were still there….. Hang on! …….. Yip still there my friend! lol :) And I am well over 18 too. What the heck has me having boobs got to do with it?? Yeah it took me ages over the ones in hacktissite, the 1st one was easy but the TV type one was a real pain! I’ll look forward to your level.

*********** [ADIGA]
6 years ago

0

hey Trinity…

Susan S [Trinity]
6 years ago

0

Don’t you want to slap him???? ha!ha!ha! Thanks ADIGA !!!


0

@ADIGA: I mean “You wrote that code on purpose (intentionally), right?”. But now I totally get your idea. :p

2 replies have been removed
Susan S [Trinity]
6 years ago | edited 6 years ago

0

This was one I didn’t like ADIGA. Took me ages.

Image

And I still havn’t done it! :(

Keeper
6 years ago | edited 6 years ago

0

Trinity, I spent half of my life trying to solve stego15 at HTS. Believe me, I’ve even consulted Kaspersky analysts and people that are inventors of steganography techniques. I call this the holy grail. Can talk about it for hours on end.

*********** [ADIGA]
6 years ago

0

lol keeper, tried with it few time some years back, then gave up…
had more immportant things to do like getting married, now im too lazy to go back and try things there, besides … 99% of the people i knew in HTS are either dead or in jail or no longer active :(

Keeper
6 years ago

0

My guess is that the inventor (TheMindRapist) made a joke or did something he himself is not quite aware of.

Susan S [Trinity]
6 years ago | edited 6 years ago

0

Hi Keeper, yes you are 100% on that one. I have been a member on there for about five or six years but still haven’t even got close on solving that one! Think I might take a fresh look at it again when I get the chance. :)

I had a right argument with TheMindRapist on there. Accused me of posting spoilers when I wasn’t. Don’t like him too much. A verry arrogant person! :(

*********** [ADIGA]
6 years ago

0

Joined: 23/09/2006 23:56:14 <– member since, had another account that i forgot its pass that is about a year older, then the account got deleted or something during some upgrade on the site :P

Susan S [Trinity]
6 years ago

0

Can’t you get it back again ADIGA? Must be a way I would have thought?? :)

*********** [ADIGA]
6 years ago

0

did not you get it in your inbox?

*********** [ADIGA]
6 years ago

0

it toke some time to apt-get install bless on my shitty connection :(

Keeper
6 years ago

0

The thing about stego15 is that it is impossible by most standards. You just cannot reverse it back to its original state because there is no clue about the original values of the RGBs. They are set to either 255 or 0 depending on their Least Significant Bit. The other option I see round here is if this is some sort of protocol to include quantum steganography.

Cyan Wind [freewind1012]
6 years ago | edited 6 years ago

0

@Keeper: “Quantum steganography”. Well, I believe my child or my grandchild can solve it. :p

Susan S [Trinity]
6 years ago

0

Yes there was some thing’s not so long ago.
HERE

[deleted user]
6 years ago

0

ADIGA: Find the hidden image and you will find the MD5 HASH. http://postimg.org/image/oonbcs7bl/

You must be logged in to reply to this discussion. Login
1 of 33

This site only uses cookies that are essential for the functionality of this website. Cookies are not used for tracking or marketing purposes.

By using our site, you acknowledge that you have read and understand our Privacy Policy, and Terms of Service.

Dismiss