The smart home system has the function of remote monitoring of what is happening in the home and every few minutes sends pictures of the surveillance cameras to the owner of the house. You successfully intercepted the network traffic of this system, however, its creators took care of the security of their users data and encrypted the pictures. Decrypt the provided image and you will find the flag.

secret_encrypted.png

The file claims to be a png file but we are not able to open it via image viewer. Let’s check whether it is really a png file.

As we guessed, it is not a png file anymore. Let’s check its first 8 bytes to see what is wrong.

PNG signature is 89 50 4E 47 0D 0A 1A 0A but this one is different. However, if we add png signature’s bytes to our file’s first 8 bytes. We get FF FF FF FF FF FF FF FF. In other words if we subtract each byte of the file from 0xFF, we get the correct png header which means we can decrypt the complete file by subtracting each byte from 0xFF.

Here is the python script I created for this task.

Let’s run it and get our secret.png file.

Here is the decrypted image.