Monday, January 12, 2015

Infiltrate 2015 - Free Ticket Challenge #1 (Solved)

Infiltrate 2015 is right around the corner! Only three short months until we can all enjoy two days of highly technical offense focused conference goodness in sunny South Beach.

As we get closer to the conference we decided to give away some free tickets to Infiltrate by way of puzzle challenges. And what better first challenge for a Miami Beach based con than a Cuban Number Station?

So we put out the following audio file for people to analyze and decode. Gaston, our winner, was the first to submit a correct solution, and an elegant one at that.



The audio consists of a female voice reading a list of numbers. The numbers represent nibbles of a PNG file. You could solve this by hand with Google translate, but this process is very error prone. If you miss one number you are basically up that one creek without a paddle.

Gaston produced this clever script to extract the bytes from the audio:


If everything adds up correctly you end up with the following image (md5: d4549b09612ade7e8459ddd7c16f95f7):


The final part of the first Infiltrate 2015 Ticket Challenge, was to extract the secret message embedded in this image. We used a very simple LSB steganographic algorithm hiding bits in RGB bytes. This graph from DFI News (http://www.dfinews.com/articles/2009/06/find-incriminating-contraband-images) explains the algo in a nutshell:

Our winner then extracted the bits with the following script:


After extracting the bits you quickly discover that the secret message is:

#BOOM# NORTH KOREA WAS HERE :]

I wonder who could have left that? All indicators currently point at Immunity's Lord of Attribution and Prime Minister of remote sensing, our very own CEO, Dave Aitel.

So that's it for the first Infiltrate 2015 Ticket Challenge, we plan on doing a few more, so stay tuned to your local number stations and congrats to Gaston for his free Infiltrate ticket!


No comments:

Post a Comment