Note to fellow-HTBers: Only write-ups of retired HTB machines or challenges are allowed.

Challenge info

Art [by hexp]
Can you find the flag?

The challenge

We start of by downloading the art.zip file and verifying it’s sha256sum with the hash displayed on the challenge page.

$ sha256sum art.zip 
9ae27f1b71d22cb49f473630699d79d353db49e6b9e6d0a51cfcf268e753b48e  art.zip

We then proceed to unzip this file using the password provided on the challenge page. This will give us a png image.

$ unzip art.zip 
Archive:  art.zip
[art.zip] art.png password: 
  inflating: art.png

Opening this image in the default image viewer returns a very colourful spiral.

We need to extract the flag from this image

Into the rabbit hole

As most people, from what I could deduce from the forum, I immediately jumped to the conclusion that this is a steganography challenge.

So I loaded up some stego tools in an attempt to discover the hidden message. I used steghide, stegosuite, exiftool, zsteg and even briefly tried to find a logic in the colours.

People are weird

However, some hints on the forum about programming languages and esoteric stuff made me google the correct keywords in order to find a Wikipedia page on Esoteric programming languages. It seems that people like to design the most mind-boggling programming languages for various sorts of reasons…

Eventually I discovered the image was probably an output of a program written in the Piet programming language. Luckily the Wikipedia page contained some images of programs written in Piet, making it easy to spot.

Getting the flag

I had some issues in finding a working interpreter, but finally stumbled upon an online one, yay!

I uploaded the image and the following output returned:

HTB{p137_m0ndr14n}? ? $? ? 18? 32464? ? ? 8? ? ? ? [... a lot more ?s ...]

And there you have the flag: HTB{p137_m0ndr14n}.

This challenge was weird, but I liked it :)
Thank you, Hexp!