Black Propagation Writeup

By
Nasim Sulaiman
Published on
20 Sep 2020
2 min read
DOMECTF2020

The story for the Black Propagation challenge was as follows: “The local TV broadcaster has been compromised by terrorists and we suspect they used it to pass on some information to their followers. Help us to find and decode what it means.”

You’re provided with an image added with noise. Remove the noise to extract the link hiding under it. The link will directly lead to the flag which is in a github repo.

Firstly, you have to identify the type of noise. Here, Gaussian noise is added.

Then, the image needs to be processed with a denoising algorithm (autoencoder), We have to build an autoencoder to do so. The noise intensity changes in accordance with the noise factor. Here we have a noise factor of 0.85. Noise added image is shown below.

black-propagation1

For the training “emnist-balanced.mat” has to be downloaded which is freely available as MNIST dataset. It contains letters, numbers and symbols and each image is a pixel of 28*28.

The image provided is inverted. So before starting the training process MNIST data images have to be inverted. Below shows the original image and its inverted format.

black-propagation1
black-propagation1

Now Divide the data set into training and testing data. Then, preprocess the image, change image shape and colour.

Add noise to the image and define a neural network for training. An autoencoder has two parts: an encoder and decoder. So we have to create a neural network for both.

Setup the input shape as (28,28,1). and define the layers for training the data. After defining the layers create a model object by passing the inputs.

Start the training with parameters which are necessary, like epoch, learning rate, batch size etc. With GPU enabled colab it only takes 5 – 10 minutes to complete the training process.

After the completion check the provided noisy image with the created model. If the images are not clear, we can change the parameters and noise factor to build another model and recheck.The extracted out will be.

Automated human-like penetration testing for your web apps & APIs
Teams using Beagle Security are set up in minutes, embrace release-based CI/CD security testing and save up to 65% with timely remediation of vulnerabilities. Sign up for a free account to see what it can do for you.

Written by
Nasim Sulaiman
Nasim Sulaiman
AI Engineer
Experience the Beagle Security platform
Unlock one full penetration test and all Advanced plan features free for 10 days
Find surface-level website security issues in under a minute
Free website security assessment
Experience the power of automated penetration testing & contextual reporting.