Image based coding level
Will start soon on a new level concept where the user is provided with a link to an image (just random auto generated image) where the password is hidden using the indexes of a certin color.
the user will need to code a program/script to read the image and check for the indexes of that color and exract the password (mostly will be an md5 hash of the pass) then to crack it to solve the level.
it will be timed and the image will keep changing on each attempt to solve it :)
what do you think of this as a level?
to know it i should work on it ot just go read something new ….
I Hate Signatures.
A HACKER should see through his DeCeptions ………………………………..
I guess I see through my DeCeptions ………………………………………………..
10 years ago
0
Hard one I think but it would be interesting because it’s completely new :)
What programs can be used to read images?
I Hate Signatures.
A HACKER should see through his DeCeptions ………………………………..
I guess I see through my DeCeptions ………………………………………………..
flabby, pm me when your online, the script to create the image for the level is done, it will store 2 things in the session for solving the level, should i do the answer checking part too?
besides need to talk about a couple of things before going any further.
I Hate Signatures.
session_start();
//Coding level 3 for HT, By ADIGA
// Pass Length ( 6 - 10 ) is the best
$pass_length = 10;
//Call Create Pass
$password = create_pass($pass_length);
// Creat initial image
// Image width (fixed 512)
$width = 512;
$height = $pass_length;
$image = imagecreatetruecolor($width, $height);
for($row = 0; $row < $height; $row++)
{
for($column = 0; $column < $width; $column++)
{
// The color should not reach 255 as its the key color
$red = rand(0,250);
$green = rand(0,250);
$blue = rand(0,250);
$color = imagecolorallocate ($image, $red , $green, $blue);
imagesetpixel($image,$column , $row , $color);
}
}
// Call Mod Image
foreach($password as $key => $value)
{
mod_image($key,$value,$image);
}
// Create the password
function create_pass($pass_length)
{
// The time allowed to finish the level in seconds
$end_time = 120;
//The chars used in the password
$passchars = "abcdefghijklmnopqrstuvwxyz";
for($pass_looper = 0; $pass_looper < $pass_length; $pass_looper++)
{
$password[] = $passchars[rand(0,strlen($passchars)-1)];
}
$pass = implode("",$password);
// Setting the results in session for checking later
$_SESSION['c3_pass'] = $pass;
$_SESSION['c3_endtime']= time() + $end_time;
// Return the result
return($password);
}
// modifying the image
function mod_image($row,$char,$image)
{
$char_hash = md5($char);
$looper = 0;
for($loop_hash = 0; $loop_hash < 32; $loop_hash++)
{
$location = switcher($char_hash[$loop_hash]) + (16 * $looper);
$red = 255;
$green = 255;
$blue = 255;
$color = imagecolorallocate ($image, $red , $green, $blue);
imagesetpixel($image, $location , $row , $color);
$looper++;
}
}
// return hash char index
function switcher($hash_char)
{
switch($hash_char)
{
case "0":return(0);break;
case "1":return(1);break;
case "2":return(2);break;
case "3":return(3);break;
case "4":return(4);break;
case "5":return(5);break;
case "6":return(6);break;
case "7":return(7);break;
case "8":return(8);break;
case "9":return(9);break;
case "a":return(10);break;
case "b":return(11);break;
case "c":return(12);break;
case "d":return(13);break;
case "e":return(14);break;
case "f":return(15);break;
}
}
header('Content-type: image/png');
imagepng($image);
?>
I Hate Signatures.
Let’s tag @flabbyrabbit to make sure he won’t forget this post.
I Hate Signatures.
@ADIGA: Is this intentional or not?
$location = switcher($char_hash[$loop_hash]) + (16 * $looper);
For example:
```
$char_hash = md5(“a”); //0cc175b9c0f1b6a831c399e269772661
for() {
$location = switcher($char_hash[$loop_hash]) + (16 * $looper);
}
/The locations of modified pixels are 0 / 28 / 44 / 49 / 71 / 85 / 107 / 121…/
$char_hash = md5(“b”); //92eb5ffee6ae2fec3ad71c777531578f
for() {
$location = switcher($char_hash[$loop_hash]) + (16 * $looper);
}
/The locations of modified pixels are 9 / 18 / 46 / 59 / 69 / 95 / 111 / 126…/
```
What if someone picks up a wrong location (not a modified pixel) and gets the wrong MD5 hash to decrypt?
well, if he could read the pixle color right (white) then he should always get a valid hash, if he can not get the pixle color right, he should recode, besids, as a checkup, the user can generate an md5 array of all chars acceptable for the answer an do a compare on each resulting hash, if its not there, he did something wrong.
the ecnryption and decryption should run very fast (for the decryption it can decrypt somewhat big paragraphs in no time if the code written is good with no extra stuff that are not really needed.
the best approch should be able to decrypt a 10,000 chars (alpha small/cabs + numbers + special chars + space and enter) in less than 1 second …
did some tests on the decrypter (no micro time) and it all toke less than 1 second.
I Hate Signatures.
and by international, you mean supports many languages?
if so, it does.
but to make things easier, the allowed chars of the pass can be provided.
I Hate Signatures.
Oh no not one of them: There was one like that on hackthissite and it was a real pain in the butt to solve. Didn’t like it at all. Was too much messing about. So I guess I will need a valium with this one ADGIA ;) Sounds like another sleepless night for me with this one!! I thought you were my friend ADIGA??? :( lol :)
(if you are below the age of 18) ignore the line below
First thing do you really have boobs? and i do not mean man boobs :P
the lines below cares not for your age….
second thing, its not as hard as the on on hackthissite, it is really a basic concept, easy to code and solve if you understand some key things in the encryptor.
toke me arund 2 hours to think of how the encryptor should work and to code it.
and 20 min to do the decoder.
thinking of upgrading it to a shift in pixles or a change in pixles and actually encrypting an actual image.
I Hate Signatures.
Bit personal there ADIGA?? Have I got Boobs?? Well the last time I looked they were still there….. Hang on! …….. Yip still there my friend! lol :) And I am well over 18 too. What the heck has me having boobs got to do with it?? Yeah it took me ages over the ones in hacktissite, the 1st one was easy but the TV type one was a real pain! I’ll look forward to your level.
@ADIGA: I mean “You wrote that code on purpose (intentionally), right?”. But now I totally get your idea. :p
lol keeper, tried with it few time some years back, then gave up…
had more immportant things to do like getting married, now im too lazy to go back and try things there, besides … 99% of the people i knew in HTS are either dead or in jail or no longer active :(
I Hate Signatures.
Hi Keeper, yes you are 100% on that one. I have been a member on there for about five or six years but still haven’t even got close on solving that one! Think I might take a fresh look at it again when I get the chance. :)
I had a right argument with TheMindRapist on there. Accused me of posting spoilers when I wasn’t. Don’t like him too much. A verry arrogant person! :(
Here is a part of my analysis http://stackoverflow.com/questions/18562918/coding-an-enhanced-lsb-reverser
Joined: 23/09/2006 23:56:14 <– member since, had another account that i forgot its pass that is about a year older, then the account got deleted or something during some upgrade on the site :P
I Hate Signatures.
I Hate Signatures.
The thing about stego15 is that it is impossible by most standards. You just cannot reverse it back to its original state because there is no clue about the original values of the RGBs. They are set to either 255 or 0 depending on their Least Significant Bit. The other option I see round here is if this is some sort of protocol to include quantum steganography.
@Keeper: “Quantum steganography”. Well, I believe my child or my grandchild can solve it. :p
10 years ago
0
ADIGA: Find the hidden image and you will find the MD5 HASH. http://postimg.org/image/oonbcs7bl/