write-ups-challenges-2019-2020/DecryptThis/writeup.md

43 lines
1.8 KiB
Markdown
Raw Permalink Normal View History

2022-11-24 21:43:03 +00:00
# CHALLENGE DecryptThis
## Writeup
To decrypt, we first have to understand how the encryption works. The best way to do this would be to try a long string containing one charachter.
If the input string was long enough, the encrypted version will show a clear pattern. This is a sign that a Vignere-Cipher is probably used. More information about vignere can be found [here](https://www.dcode.fr/vigenere-cipher).
A second thing we can see is the beginning of the string, here the pattern is broken by _random_ characters, this is the cipher key for Vignere. The last odd thing is the second last character, this is the length of the codeword.
An example:
`FFFFFFFFFFFFFFFFFFFF` might be coded to `GAHBICGHIGHIGHIGHIGHIGCH`, where `GHI` is the pattern, `ABC` is the key and `C` (=3) is the key length.
As the key-word is generated randomly, a string kan be encrypted to multiple strings. The 3 strings in the given file where 3 different encrypted versions of the flag.
## Decryption Tool
A (simple) tool could be written to decrypt a string; here is an example of a decryption tool in PHP:
```php
function getNumberValue($nr) {
return chr((($nr + 94) % 94) + 33);
}
function decodeChar($char, $offset) {
return getNumberValue(getLetterValue($char) - getLetterValue($offset));
}
function decrypt($code) {
$len = ord(substr($code, -2, 1)) - 64;
$code = substr($code, 0, -2) . substr($code, -1);
$codedMessage = "";
$codeword = "";
for ($i = 0; $i < (2 * $len); $i += 2) {
$codedMessage .= substr($code, $i, 1);
$codeword .= substr($code, $i + 1, 1);
}
$codedMessage .= substr($code, 2 * $len);
$decrypted = "";
for ($i = 0; $i < strlen($codedMessage); $i++) {
$decrypted .= decodeChar(substr($codedMessage, $i, 1), substr($codeword, $i % strlen($codeword), 1));
}
return $decrypted;
}
```