opencodeiiita · RickyTheDude · Jan 14, 2025 · Jan 10, 2025 · Jan 10, 2025 · Jan 10, 2025
diff --git a/CTF-Submission/Suvanwita/challenge-description.txt b/CTF-Submission/Suvanwita/challenge-description.txt
@@ -0,0 +1,6 @@
+TITLE: Behind the Pixels
+
+HINT:
+Use Openpuff to decode the secret message behind the picture. While doing so, you will need three passwords-which are hidden in the image.
+The key to the secret message is hidden in plain sight. Focus carefully on the image to decode the first six letters of the three passwords. Look to the left, then at the top then to the right in order. 
+The next two letters are a mystery to solve- a question after a question, surprise after a surprise and finally a question after a surprise.
diff --git a/CTF-Submission/Suvanwita/challenge-files/carrier.png b/CTF-Submission/Suvanwita/challenge-files/carrier.png
diff --git a/CTF-Submission/Suvanwita/solution-walkthrough.md b/CTF-Submission/Suvanwita/solution-walkthrough.md
@@ -0,0 +1,47 @@
+1. Understand the Challenge
+The goal is to extract three passwords hidden within the image. Each password is made up of:
+A color code corresponding to a background color (Hex format).
+Two additional characters at the end, which are derived using a hint:
+Hint: "A question after a question, a surprise after a surprise, and a question after a surprise."
+Participants also encounter decoy passwords, which are visible as text in the image but do not correspond to the actual background colors.
+
+2. Tools Required
+A color picker tool (e.g., GIMP, Photoshop, or online tools like HTML Color Picker).
+
+4. Analyzing the Image
+
+Locate the Decoy Passwords:
+The decoy passwords (737373??, fbb03b!!, ff8c9d?!) are typed directly in the image as text.
+These are meant to mislead participants. While they follow the correct format (color codes + ending), they do not match the background colors of the image.
+
+Focus on the Background Colors:
+Use a color picker tool to extract the actual Hex color codes from the image’s background.
+Follow the order mentioned in the hint: left, top, then right.
+Example:
+Left background color: #38b6ff (light blue)
+Top background color: #ff5757 (red)
+Right background color: #5e17eb (purple)
+
+5. Decode the Symbolic Endings
+The next two characters of the passwords are provided as a riddle:
+Hint: "A question after a question, a surprise after a surprise, and a question after a surprise."
+Breakdown:
+Question after a question (??): The first password ends with ??.
+Surprise after a surprise (!!): The second password ends with !!.
+Question after a surprise (?!): The third password ends with ?!.
+
+6. Construct the Original Passwords
+Combine the extracted background colours with the corresponding symbolic endings to form the original passwords:
+Password 1: 38b6ff?? (left background color + ??)
+Password 2: ff5757!! (top background color + !!)
+Password 3: 5e17eb?! (right background color + ?!)
+
+7. Avoid the Decoy Passwords
+The decoy passwords (737373??, fbb03b!!, ff8c9d?!) are designed to distract participants. These colors are not found in the background and should not be used.
+
+8. Retrieve the Hidden Message
+To reveal the hidden message, use the correct passwords (38b6ff??, ff5757!!, and 5e17eb??) in OpenPuff.
+
+9. Format the Flag
+The final flag is based on the hidden message, formatted as:
+Flag: FLAG{The threat intelligence report indicates a surge in phishing campaigns targeting cloud-based collaboration tools. Organizations are advised to implement two-factor authentication (2FA) and educate employees about identifying suspicious emails.}