[ECW] - Babel
Table of Contents
ECW 2023 - This article is part of a series.
Statement #
Data files #
We are given 2 files:
A png file
message.png
A text file
unknown.txt# Content of the unknow.txt file: ⁄⁅⁆⁵⁎ਵ⁄⁇⁁‰⁘⁔ਜ਼‵′⁄⁂ ⁺ ⁖⁔ਜ਼‴⁐ ‸⁰ ⁷⁁⁰⁆⁔‿⁋⁺ ‰੭ ‰‰⁄ ⁰⁉ਰ⁉⁄⁁⁛⁌⁈⁍…ੰ⁰⁏ ‰⁇⁙⁾‰⁅‴⁆″‰⁇‵⁗⁰ਵ⁈⁌⁊ ‰‰⁄⁃
Wrong path #
The text file seems unusable at the moment, so I’m interested in the image.
Image analysis #
I start by using AperiSolve to see if there would be any hidden information in the message.png file.
According to the part Strings and PngCheck there is indeed some data corresponding to an ICC profile.
According to Wikipedia:
An ICC profile is a digital file in a particular format (extensions .icc and .icm) describing how a computer device restores the colors. This type of file was created by the International Color Consortium (ICC) to enable professionals in desktop publishing to control colors throughout the graphic chain ( color management).
ICC Profile #
I’ve seen on a forum that it is possible to apply a custom ICC profile with Gimp, I then say to myself that applying this profile will perhaps bring out specific information on the image.
I extract this profile using Binwalk and I apply it to the image from Gimp, but no visual change, weird…
After several hours of researching what it is possible to do with an ICC profile, I asked an ECW admin if I am on the right track, he told me no, so I must start from the beginning again 😭
Dcode alphabet list #
After trying to do a reverse image search via Google and TinEye, I found this article
It turns out that the article deals with a similar challenge, this one redirects us to a list the alphabet of numbers and symbols of the dcode site
In this list we find all the symbols present in the message.png file.
Example 1 (Covenant language): #
Example 2 (Braille) : #
Message decryption #
By deciphering each symbol by hand, we can now read the message.png file
The message says:
CONGRATULATIONS T0 OBTAIN THE FLAG GRAB ALL THE BYTES IN THE SEVENTH COLUMN FROM THE FILE UNKNOWN.TXT AND SHA1 THESE
Flag #
To obtain the flag, simply retrieve the bytes present in the 7th column of the unknown.txt file, for this I use the xxd unknown.txt command.
00000000: 6120 6520 6720 6620 6520 6420 6c20 4420 a e g f e d l D
00000010: 4520 4620 7520 4e20 350a 6520 6720 4420 E F u N 5.e g D
00000020: 6320 4720 6a20 4120 3020 6820 7220 5820 c G j A 0 h r X
00000030: 5420 5b0a 3520 3220 4420 6e20 4220 5f20 T [.5 2 D n B _
00000040: 6720 6c20 7a20 5f20 5620 5420 5b0a 3420 g l z _ V T [.4
00000050: 5020 6f20 6420 5f20 3820 7020 5f20 6f20 P o d _ 8 p _ o
00000060: 6520 7720 4120 560a 7020 4620 6b20 6520 e w A V.p F k e
00000070: 7220 6b20 5420 3f20 4b20 7a20 5f20 3020 r k T ? K z _ 0
00000080: 6d0a 5f20 3020 3020 6520 6320 7220 6120 m._ 0 0 e c r a
00000090: 7320 4420 5f20 7020 4920 300a 4920 7320 s D _ p I 0.I s
000000a0: 6520 6e20 4420 4120 5b20 6e20 4c20 4820 e n D A [ n L H
000000b0: 4d20 2620 700a 7020 4f20 5f20 3020 4720 M & p.p O _ 0 G
000000c0: 5920 6c20 6320 7220 6420 7e20 3020 430a Y l c r d ~ 0 C.
000000d0: 4520 6720 3420 6520 4620 6f20 3320 3020 E g 4 e F o 3 0
000000e0: 4720 3520 5720 7020 350a 4820 4c20 4a20 G 5 W p 5.H L J
000000f0: 5f20 6620 7220 6120 6a20 3020 3020 4420 _ f r a j 0 0 D
00000100: 4320 560a C V.
7th column :
6c20 6720 7220 4220 5b0a 5f20 6b20 5f20 7220 4920 4c20 3020 3020 3320 4c20 3020
SHA1 = 128a64805be78e21dddb3aa3c7d72aecd7ee162d
🚩 Flag : ECW{128a64805be78e21dddb3aa3c7d72aecd7ee162d}