对于ctf比赛中,遇见频率并不高的像素题进行一个小总结。
1.Pixel_Signin
乍一看是一个像素点的图片
看一下大小是31*31
编写脚本,转化成rgb数字看看
from PIL import Image
file = Image.open("Pixel_Signin.png")
fi = open("res.txt", "w")
print("Image size:", file.size)
for i in range(31):
for j in range(31):
r, g, b = file.getpixel((j, i))
print(r, g, b, file=fi)
fi.close()
发现结果有挺多还是落在字母数字对于的ascii字符上的。尝试把这个rgb数字转成对应的字符
flag = ""
with open("res.txt", "r") as f:
lines = f.readlines()
for line in lines:
parts = line.strip().split()
for value in parts:
num = int(value)
try:
flag += chr(num)
except ValueError:
pass
print(flag)得到一串字符
Gur dhvpx oebja sbk whzcf bire gur ynml qbt vf na Ratyvfu-ynathntr cnatenzÿn fragrapr gung pbagnvaf nyy gur yrggref bs gur nycunorg. Gur cuenfr vf pbzzbayl hfrq sbe gbhpu-glcvat cenpgvpr, grfgvat glcrjevgref naq pbzchgre xrlobneqf, qvfcynlvat rknzcyrf bs sbagf, naq bgure nccyvpngvbaf vaibyivat grkg jurer gur hfr bs nyy yrggref va gur nycunorg vf qrfverq.Gur rneyvrfg xabja nccrnenapr bs gur cuenfr jnf va Gur Obfgba Wbheany. Va na negvpyr gvgyrq Pheerag Abgrf va gur Sroehnel , rqvgvba, gur cuenfr vf zragvbarq nf n tbbq cenpgvpr fragrapr sbe jevgvat fghqragf N snibevgr pbcl frg ol jevgvat grnpuref sbe gurve chcvyf vf gur sbyybjvat, orpnhfr vg pbagnvaf rirel yrggre bs gur nycunorg N dhvpx oebja sbk whzcf bire gur ynml qbt. Qbmraf bs bgure arjfcncref choyvfurq gur cuenfr bire gur arkg srj zbaguf, nyy hfvat gur irefvba bs gur fragrapr fgnegvat jvgu N engure guna Gur. Gur rneyvrfg xabja hfr bs gur cuenfr fgnegvat jvgu Gur vf sebz gur obbx Vyyhfgengvir Fubegunaq ol Yvaqn Oebafba. Gur zbqrea sbez fgnegvat jvgu Gur orpnzr zber pbzzba rira gubhtu vg vf fyvtugyl ybatre guna gur bevtvany fgnegvat jvgu N.N rqvgvba bs gur Ybf Natryrf Urenyq Fhaqnl Zntnmvar erpbeqf gung jura gur Arj Lbex Urenyq jnf rdhvccvat na bssvpr jvgu glcrjevgref n srj lrnef ntb, fgnss sbhaq gung gur pbzzba cenpgvpr fragrapr bs abj vf gur gvzr sbe nyy tbbq zra gb pbzr gb gur nvq bs gur cnegl qvq abg snzvyvnevmr glcvfgf jvgu gur ragver nycunorg, naq ena bagb gjb yvarf va n arjfcncre pbyhza. AFFPGS{Unehxv_vf_AFF_FHCREZNA_fb_guvf_gnfx_vf_rnfl} Gurl jevgr gung n fgnss zrzore anzrq Neguhe S. Phegvf vairagrq gur dhvpx oebja sbk cnatenz gb nqqerff guvf.Nf gur hfr bs glcrjevgref terj va gur yngr gu praghel, gur cuenfr ortna nccrnevat va glcvat yrffba obbxf nf n cenpgvpr fragrapr. Rneyl rknzcyrf vapyhqr Ubj gb Orpbzr Rkcreg va Glcrjevgvat N Pbzcyrgr Vafgehpgbe Qrfvtarq Rfcrpvnyyl sbe gur Erzvatgba Glcrjevgre , naq Glcrjevgvat Vafgehpgbe naq Fgrabtencuref Unaq-obbx. Ol gur ghea bs gur gu praghel, gur cuenfr unq orpbzr jvqryl xabja. Va gur Wnahnel ,vffhr bs Cvgznaf Cubargvp Wbheany, vg vf ersreerq gb nf gur jryy xabja zrzbevmrq glcvat yvar rzoenpvat nyy gur yrggref bs gur nycunorg. Eboreg Onqra-Cbjryyf obbx Fpbhgvat sbe Oblf hfrf gur cuenfr nf n cenpgvpr fragrapr sbe fvtanyvat.Gur svefg zrffntr frag ba gur ZbfpbjÿJnfuvatgba ubgyvar ba Nhthfg , , jnf gur grfg cuenfr GUR DHVPX OEBJA SBK WHZCRQ BIRE GUR YNML QBTF ONPX . Yngre, qhevat grfgvat, gur Ehffvna genafyngbef frag n zrffntr nfxvat gurve Nzrevpna pbhagrecnegf, Jung qbrf vg zrna jura lbhe crbcyr fnl Gur dhvpx oebja sbk whzcrq bire gur ynml qbt? Qhevat gur gu praghel, grpuavpvnaf grfgrq glcrjevgref naq gryrcevagref ol glcvat gur fragrapr.Vg vf gur fragrapr hfrq va gur naahny Mnare-Oybfre Angvbany Unaqjevgvat Pbzcrgvgvba, n phefvir jevgvat pbzcrgvgvba juvpu unf orra uryq va gur H.F. fvapr ���������������������������������������������放到cyberchef里面试一试,猜测可能是rot13
拿到flag
NSSCTF{Haruki_is_NSS_SUPERMAN_so_this_task_is_easy}2. GHCTF 2025 mypixel
下载下来的附件仍然是一个像素图,我们还是尝试上一题的方法,提取像素点rgb数值,进行观察👀
观察数据,应该是存在非数字字母字符的,而且不少
拖入道zsteg进行分析
zsteg -a '/home/kali/桌面/attachment.png' 
给这个内嵌的压缩包提取出来
zsteg -E b8,rgb,lsb,xy '/home/kali/桌面/attachment.png' > hidden.zip解压后发现是这样一张图
这张图只有黑白,我们看下规格,编写脚本将黑白转化成01字符串,再拖入解码工具试试
脚本如下
from PIL import Image
img = Image.open("output.png").convert("RGB")
width, height = img.size
binary_data = ""
for y in range(height):
for x in range(width):
r, g, b = img.getpixel((x, y))
if (r, g, b) == (0, 0, 0):
binary_data += '1'
else:
binary_data += '0'
with open("image_binary.txt", "w") as f:
f.write(binary_data)
print("<u>转换完成,已保存为 </u>image_binary.txt")将结果放到cyberchef,点一下魔法棒🪄
这个定位码是汉信码的特征,找个在线的解密
得到flag NSSCTF{f92a7a2e-9606-4319-9d97-942de4f0315a}3.GDOUCTF 2023 pixelart
打开附件,很明显能观察到图片中的小白点,用sinpaste截取一段和一个像素点比较,发现一个像素点到另一个像素点之间到距离是12,想办法给这些像素点全部提取出来看看怎么个事!,编写脚本处理
from PIL import Image
# 加载用户上传的图像
original_image = Image.open("arcaea.png")
# 设置采样间隔
step = 12
new_width = original_image.width // step
new_height = original_image.height // step
# 创建新图像
new_image = Image.new("RGB", (new_width, new_height))
# 每隔 step 像素取一个像素点
for x in range(new_width):
for y in range(new_height):
pixel = original_image.getpixel((x * step, y * step))
new_image.putpixel((x, y), pixel)
# 保存新图像
output_path = "extracted_every_12px.png"
new_image.save(output_path)
print(output_path)发现提取出来,拿到fake flag
猜测可能还是像素相关的lsb隐写,用zsteg梭哈
得到 flag{J3st_2_cats_battling}4.CISCN 2022 东北 pixel
这个题目也和像素有关,主要考点为pixel 根据描述,只能看懂其中的数字
把数字全部取出来 258523871198,提取完然后解压 发现是一个dat文件,文件格式不详,使用puzzlesolver能检测一手文件类型
放到b神的工具里继续梭一手,拿到解压密码
得到如下图片
继续用b神工具,PixelJihad解密
flag{3dba7e5c09b0da5182a373e3cbb99670}5.ctfshow七夕杯 你会lsb吗?
下载下来文件没后缀,用010查看一手
看见字符倒过来了,应该是把文件逆序了,写个python脚本再倒一次即可
with open('./zip', 'rb') as f:
g = f.read()
with open('./reversed.zip', 'wb') as ff:
ff.write(g[::-1])会得到如下图片
binwalk,foremost分离没啥结果 打开010继续看,发现有个ctfshow 那应该是带密码的图片解密
成功解密
得到一堆emjoy编码信息,找个在线解密
https://aghorler.github.io/emoji-aes/
提示轮换无效,仔细找了下点开advance,当旋转=2时能发现可以成功解密
好了,今天分享就到这里,谢谢大家观看。
点一个关注吧,欢迎点赞转发本文~~