We were given a
crypted.bmp file of 4.3MB, that can't be opened in a picture-viewer. Since the format is BMP (And thus involves no compression at all: It's just a big matrice), it smells like ECB mode.
I created a bmp picture, trying to get something of equal weight. Here is the script is used to replace headers (with
head.bmp being my freshly-created bmp):
all: clean cp crypted.bmp out.bmp dd if=head.bmp of=out.bmp bs=1 count=54 conv=notrunc clean: rm -f out.bmp
Then we played with the header, trying to guess the correct resolution of the original image. Since we were lazy, once we got something readable, we deciphered the flag.
Here is what we got: