You cannot open the file as some programs simply freeze, others show out of memory exceptions, or other errors.
Loading into Wireshark for example shows the file’s basic information like it’s width and height.
It is a very huge file, so that explains why we cannot open it earlier.
We have to make some educated guesses. Looking into the file contents you can see that the IDAT part of the file is full of zeros:
So I used one of my helper method which gave me a quick summary of the contents of the file:
The IDAT header contains zlib compressed data (as this is the only supported encoding method). So there is some information in the middle of the file.
As the file’s BitDepth is 1, this means the 1 byte contains 8 pixel information, so the uncompressed RAW bitmap data is 344987 * (344987 // 8 + 1) = ~15Gb.
As I did not want to decompress this much data to my hard disk I wrote a C# script to seek into the middle of the image data (so to about 7.4GB) and read the middle of the file and extracted a few MB’s of RAW data.
I created a summary of this too:
What we see is 40 bytes data in the middle of every row.
So I simply recovered these bits with the following code snippet:
And converted the bytes to bits aka. pixels in this case (with my web-based conversion toolset hosted on https://kt.pe/tools.html) and replaced “1” characters with space “ “ to make it more readable:
This challenge was a VM implemented where every instruction was an emoji. For the first part of the challenge we had to reverse a flag ch...… Continue reading