h4ck1t 2016: Algeria - Crypt0P1xels, Stego (250pts)

Honestly, I thought this challenge was pretty overrated. In this task we are given an encrypted image as well as the encryption script. The script looks like this (condensed):

x = random.randint(1,255)  
y = random.randint(1,255)

img_pix.putpixel((0,0),(len(FLAG),x,y))

for l in FLAG:  
    x1 = random.randint(1,255)
    y1 = random.randint(1,255)
    img_pix.putpixel((x,y),(ord(l),x1,y1))
    x = x1
    y = y1

img_pix.save('encrypted.png')  

It seems that each character of the flag is placed at random points in the encrypted image. Fortunately, each character also comes with the coordinates of the next character. To solve the challenge, we just write a reversing script.

FLAG = ""  
img = Image.open("encrypted.png")  
img_pix = img.convert("RGB")

FLAG_LEN, x, y = img_pix.getpixel((0, 0))  
for i in range(FLAG_LEN - 1):  
    c, x, y = img_pix.getpixel((x, y))
    FLAG += chr(c)

print FLAG  

The flag is h4ck1t{1NF0RM$T10N_1$_N0T_$3CUR3_4NYM0R}.

Writeup by Michael Zhang.