
# HackYouToo CTF – Binary 300 – Shredder Write-up

Have you tried feeding critical documents to a shredder? We’ve accidentally done this very thing.

Shredder: shredder.exe
Document remains: broken_flag.jpg

We need our document back!

Shredder is a Win32 binary that encrypts the source file “flag.jpg” to “broken_flag.jpg”. The encryption consists only of a few translations and swaps and can be easily reversed.

```python
# Read the shredded file as a mutable sequence of byte values
# (the loading step is not shown in the original listing).
with open("broken_flag.jpg", "rb") as f:
    buffer = bytearray(f.read())

### Guess mod_5 value using a pattern file (bytes(range(256)))
### only 5 values possible anyway
mod_5 = 3

### Step 1 - Revert byte swap for position 8 and 13 every 16 bytes
j = 8
while j + 5 < len(buffer):  # skip a trailing partial block
    buffer[j], buffer[j + 5] = buffer[j + 5], buffer[j]
    j = j + 16

### Step 2 - Revert byte swap for value 53, 88, 109 and mod_5
out = bytearray()
for a in buffer:
    a = (a - 1) & 0xFF  # revert ++buffer[j];

    if a == 53:
        a = 109
    elif a == 109:
        a = 53

    if a == 88:
        a = mod_5 + 89
    elif a == mod_5 + 89:
        a = 88

    out.append(a)

with open("plain.jpg", "wb") as f:
    f.write(out)
```
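The pattern-file guess mentioned in the script's first comment can be automated. The following is an added example, not part of the original write-up: the forward transform `shred` is an assumption obtained by inverting the script above (it was not recovered from shredder.exe), and all function names are hypothetical.

```python
# Added example: forward model inferred from the inverse script, not from shredder.exe.

def swap_positions(data):
    """Swap bytes 8 and 13 of every 16-byte block (self-inverse)."""
    out = bytearray(data)
    for j in range(8, len(out) - 5, 16):
        out[j], out[j + 5] = out[j + 5], out[j]
    return out

def swap_values(a, mod_5):
    """Exchange 53<->109 and 88<->(mod_5 + 89) (self-inverse)."""
    pairs = {53: 109, 109: 53, 88: mod_5 + 89, mod_5 + 89: 88}
    return pairs.get(a, a)

def shred(data, mod_5):
    """Assumed forward transform: value swaps, increment, then position swap."""
    return swap_positions(bytes((swap_values(a, mod_5) + 1) & 0xFF for a in data))

def unshred(data, mod_5):
    """Inverse, in the same order as the write-up's script."""
    return bytes(swap_values((a - 1) & 0xFF, mod_5) for a in swap_positions(data))

def recover_mod_5(shredded_pattern):
    """Find mod_5 from the shredded copy of bytes(range(256))."""
    # Undo only the key-independent steps: position swap and increment.
    partial = bytes((a - 1) & 0xFF for a in swap_positions(shredded_pattern))
    # Plain byte i sits at offset i, so the offset now holding 88 is mod_5 + 89.
    candidates = [m for m in range(5) if partial[m + 89] == 88]
    if len(candidates) != 1:
        raise ValueError("pattern output does not match the assumed transform")
    return candidates[0]

PATTERN = bytes(range(256))  # constructed sample input

if __name__ == "__main__":
    for m in range(5):
        assert recover_mod_5(shred(PATTERN, m)) == m
    print("mod_5 recovered for all five candidates")
```

Offsets 88 and 93 fall on positions 8 and 13 of the same 16-byte block, so the position swap has to be undone before looking for the byte that moved.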