PragyanCTF (H1tch)

Writeup by H1tch (

Another nice CTF. This one was pretty laid back went for over a weeks time.  Seemed to have a lot of Stego and crypto challenges pretty low on an type of reverse or forensics. Everything seems to have gone smoothly I didn’t notice any issues. Some members of Overflow Security were in and out of the challenges. Here are the write ups for the ones that I completed.


Put on your reading glasses (10 pts)

run strings on file. flag is on the bottom

strings Proxy.jpg

What you see is what you get. (50 pts)

run strings the bottom shows us the program used and key to extract.

#strings stego_50.jpg







steghide –extract -sf stego_50.jpg

Enter passphrase:

wrote extracted data to “key_stego_1″.

root@kali:~/CTF/pragyan/stego/what-you-see-is-what-you-get# ls
key_stego_1 stego_50.jpg

root@kali:~/CTF/pragyan/stego/what-you-see-is-what-you-get# cat key_stego_1

Congrats! This was way too wasy 

This is the key:



One more headache (20 pts)
This is a PRGYAN event
text file called substitution given with the following text

assuming that PRGYAN is the key
used an online decoder

entered key: prgyanpr cipher text: dhkuagsn

solution: ilovectf

Access Code (30pts)
Find the access code
a PDF is shown

RIP JPEG from PDF ( can right click and save it)
this is the JPEG

Did a google image search via drag and drop image into search box and find the artist name is Sascha Herm

The PDF said KEYED painter so go to online keyword cipher decoder

use KEY: saschahermsasch
with Cipher Text: heitsctrnpsmysk
and get the flag: deltactfpragyan

Totally abstruse (30 pts)
no point guessing
was given an image.

A goggle image  search on this images brought up the Piet programming language.

found an online interpreter at

execute the image/code.

Welcome to npiet online ! Info: upload status: Ok 
Info: found picture width=115 height=115 and codel size=5 
Uploaded picture (shown with a small border): world.png Info: executing: npiet -e 1000000 world.png Hello, world! Flag: Hello, world!

Leave a Reply

Your email address will not be published. Required fields are marked *

The opinions and thoughts on this blog are those of Overflow Security members, and do not reflect those of our members employers.