Description
Here's two images that are meant to be combined to get the flag. Can you do it?
Setup
Download s1.png and s2.png from the challenge page.
Solution
- Step 1: Combine the two images

This is visual secret sharing -- neither image alone reveals anything meaningful. Adding the pixel values together (wrapping at 255) reconstructs the hidden image. Use Python Pillow to add the images pixel-by-pixel and save the result.

```bash
python3 << 'EOF'
from PIL import Image, ImageChops

img1 = Image.open("s1.png").convert("RGB")
img2 = Image.open("s2.png").convert("RGB")
result = ImageChops.add(img1, img2)
result.save("combined.png")
print("Saved combined.png")
EOF
```
Learn more
Visual secret sharing is a cryptographic technique invented by Moni Naor and Adi Shamir in 1994. In a (2,2) visual secret sharing scheme, a secret image is split into two "shares" -- each looks like random noise -- but stacking or combining them reveals the original. Neither share alone gives any information about the secret.
There are two common combination methods depending on how the shares were generated:
- XOR: each pixel in share 1 is XORed with the corresponding pixel in share 2. Used when shares are binary (black/white) or when you want perfect reconstruction.
- Addition (mod 256): pixel values are added, wrapping at 255. `ImageChops.add()` does this -- it's effectively addition modulo 256. This works here because the two shares were generated by subtracting a random noise image from the original.

Pillow (PIL) is Python's standard image processing library. `ImageChops` provides channel-wise arithmetic operations on images. The `convert("RGB")` call ensures both images are in the same color mode before arithmetic -- mixing modes (e.g., RGBA + RGB) would raise an error. `ImageChops.add()` is equivalent to calling `Image.fromarray(np.clip(arr1 + arr2, 0, 255))` using NumPy, but more concise.

Real-world use: Visual secret sharing is used in physical security schemes where a secret can be revealed by overlaying transparencies, requiring no computer. It's also a foundational concept in threshold cryptography, where n shares are generated and any k of them can reconstruct the secret.
- Step 2: View the result

Open combined.png in any image viewer. The flag text is now visible in the reconstructed image.

```bash
xdg-open combined.png
```
Learn more
`xdg-open` is a Linux command that opens a file with the default application for its type -- similar to double-clicking in a file manager. For a `.png` file it will launch your default image viewer (GNOME Photos, Eye of GNOME, etc.). On macOS the equivalent is `open combined.png`, and on Windows you can use `start combined.png`.

If you're working on a headless server (no GUI), you can instead use tools like `eog`, `feh`, or transfer the file to your local machine via `scp` and open it there. Alternatively, Python can display the image inline: `from PIL import Image; Image.open('combined.png').show()`.
Flag
picoCTF{...}
This is visual secret sharing -- neither image alone reveals anything, but combining them (XOR / ADD) reconstructs the hidden image.
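The two combination methods described under Step 1, as an added example that is not part of the original write-up: it goes beyond the challenge by generating (2,2) shares of a small constructed grayscale grid with both the subtract-noise/add-mod-256 and the XOR construction, reconstructing each, and contrasting a clamped add. The function names and the `SECRET` grid are assumptions made for illustration, and it uses only the standard library rather than Pillow.

```python
import secrets

def random_share(secret):
    """One uniformly random 8-bit value per pixel of `secret`."""
    return [[secrets.randbelow(256) for _ in row] for row in secret]

def combine(a, b, op):
    """Apply `op` to corresponding pixels of two equally sized images."""
    return [[op(x, y) for x, y in zip(ra, rb)] for ra, rb in zip(a, b)]

def sub_mod(x, y):
    return (x - y) % 256

def add_mod(x, y):
    return (x + y) % 256          # wraps: 200 + 100 -> 44

def add_clamped(x, y):
    return min(x + y, 255)        # saturates: 200 + 100 -> 255

def xor(x, y):
    return x ^ y

def split(secret, method):
    """Return (share1, share2); share1 is pure noise, share2 hides the secret."""
    noise = random_share(secret)
    if method not in ("add", "xor"):
        raise ValueError(f"unknown method: {method}")
    return noise, combine(secret, noise, sub_mod if method == "add" else xor)

def reconstruct(s1, s2, method):
    """Combine two shares with the operation matching how they were split."""
    return combine(s1, s2, add_mod if method == "add" else xor)

# Constructed 3x6 8-bit grayscale "secret" (0 = black, 255 = white).
SECRET = [
    [0, 255, 255, 0, 128, 64],
    [255, 0, 0, 255, 32, 200],
    [0, 255, 255, 0, 16, 250],
]

if __name__ == "__main__":
    for method in ("add", "xor"):
        s1, s2 = split(SECRET, method)
        print(method, "share 1, row 0:", s1[0])
        print(method, "reconstructed :", reconstruct(s1, s2, method) == SECRET)
    s1, s2 = split(SECRET, "add")
    clamped = combine(s1, s2, add_clamped)
    bad = sum(c != p for cr, pr in zip(clamped, SECRET) for c, p in zip(cr, pr))
    print("clamped add, wrong pixels:", bad, "of", sum(map(len, SECRET)))
```

Every pixel the clamped add gets wrong comes out as 255, which is why the wrap-around matters for shares built this way.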