545 words
3 minutes
πŸ” PicoGym - Pixelated
2025-12-15
Cryptography πŸ”
PicoGym
/
Visual Cryptography

πŸ“‚ Download challenge file 1.
πŸ“‚ Download challenge file 2.

Description: I have these 2 images, can you make a flag out of them?
Difficulty: Medium
Author: Sara

Summary#

In this challenge, we’re given two scrambled PNG images and need to combine them to reveal a hidden flag. This is an example of visual cryptography, where secret information is hidden across multiple images. Each image alone shows only random noise, but when you overlay them together correctly, the hidden message appears!

Think of it like two transparent sheets with random dots - when you stack them on top of each other, the dots align to form letters.

Analysis#

We are given 2 scrambled PNG files:

Terminal window
$ file scrambled1.png
scrambled1.png: PNG image data, 256 x 256, 8-bit/color RGB, non-interlaced
Terminal window
$ file scrambled2.png
scrambled2.png: PNG image data, 256 x 256, 8-bit/color RGB, non-interlaced

Both are 256Γ—256 pixel PNG images in RGB color format and individually, they contain no readable information.

alt text alt text

Visual Cryptography Explained#

Visual cryptography is a special encryption method where:

  • A secret message is split across multiple images
  • Each image alone looks like random noise or garbage
  • When you overlay (stack) the images together, the secret message becomes visible to the human eye
  • No complex math or computer decryption is needed!

Imagine you have a secret message. Instead of encrypting it with math, you break it down into pixel patterns across multiple transparent sheets. When someone places all sheets on top of each other and holds them up to the light, the message appears!

The images#

When we look at the two images, they appear to be completely random:

  • scrambled1.png - looks like random noise/static
  • scrambled2.png - looks like random noise/static

But when combined correctly, they reveal the hidden message!

Solution#

Step 1: Understanding how to combine the images#

When combining two noisy images that contain a hidden message:

  • The random noise in each image is different and unpredictable
  • The hidden message is encoded in BOTH images at the same locations
  • When we add the pixel values together, the message pixels become much brighter (because they’re bright in both images)
  • The random noise stays relatively dark (because it’s different in each image)

Think of it this way: if both images have a white pixel in the same spot, adding them together gives an even brighter white. But if only one image has noise at a location, adding them gives a medium gray.

Step 2: Solution#

We load both images, convert them into arrays, and add their pixel values together.

Here’s the Python solution:

from PIL import Image
import numpy as np


# Load both images
img1 = Image.open('scrambled1.png')
img2 = Image.open('scrambled2.png')


# Convert to numpy arrays (keeps RGB format)
array1 = np.asarray(img1)
array2 = np.asarray(img2)


# Add the two images together
# Where both have bright pixels (the message), result is very bright
# Where they differ (noise), result is medium brightness
result = np.add(array1, array2)


# Convert back to PIL Image
result_img = Image.fromarray(result, mode="RGB")


# Display and save the result
result_img.show()
result_img.save('flag.png')

Step 3: Read the flag#

After running the script, the hidden text appears in the generated flag.png file:

Flag: picoCTF{8cdf93c3}

⚑ Raikiri

πŸŽ‰ Flag pwned!

alt text

πŸ’‘ TL;DR / Lesson Learned
  1. Each image alone is useless, the secret only appears when both are combined
  2. Pixel addition is enough; no complex math or encryption is needed
  3. Bright pixels in both images reinforce each other
  4. Visual cryptography relies on human vision, not cryptographic algorithms
  5. This challenge is about observation and image processing, not math
πŸ” PicoGym - spelling-quiz
πŸ” PicoGym - basic-mod2
Β© 2026 Keshav Locknauth Β· 0xkakashi