Challenge:
A Machine Identification Code (MIC), also known as printer steganography, yellow dots, tracking dots, or secret dots, is a digital watermark that certain color laser printers and copiers leave on every printed page, allowing identification of the device which was used to print a document and giving clues to the originator.
Developed by Xerox and Canon in the mid-1980s, its existence became public only in 2004. In 2018, scientists developed privacy software to anonymize prints to support whistleblowers publishing their work.
The flag format is CHH{Manufacturer-YYYYMMDD-HHMM}
YYYY: Year
MM: Month
DD: Day
HH: Hour
MM: Minute
Manufacturer: Name of printer (eg, Epson, Dell, HP,..)
Password: cookiehanhoan
The definition of MIC is clearly stated in the content of the challenge.
Additional:
Not many people noticed MIC for a considerable number of years. However, for the first time in 2004, ComputerWorld reported that the Dutch government used this technology to detect a group of counterfeiters printing fake money. Also in 2004, PC World magazine revealed that this system had existed for many years, to detect people who had been printing counterfeit money.
Read more here.
Solution:
Step 1: Convert pdf to an image file
For good results, the input shall use lossless compression (e.g. png) and 300 dpi.
pdftoppm -png -r 300 huong-dan-ve-ga-cookiehanhoan.pdf image
Step 2: Use the deda tool to track and decode the yellow dot in the image
python3 deda_parse_print.py image.png
Output:
Detected pattern 4
_|0|1|2|3|4|5|6|7
0|
1|.
2|.
3|. . .
4|. . .
5| . . .
6|.
7|.
8|. . .
9| .
0|. . .
1|. . .
2|. . .
3|.
4| .
5|. . . . .
33 dots.
<TDM of Pattern 4 at 0.00 x 0.00 inches>
Decoded:
manufacturer: Epson
serial: -123456-
timestamp: 2020-02-05 10:02:00
raw: 0000123456000020020510030002
minutes: 02
hour: 10
day: 05
month: 02
year: 20
unknown1: 00
unknown3: 00
unknown4: 00
unknown5: 00
printer: 00123456
Step 3: Submit the flag
CHH{Epson-20200205-1002}