iExploit

Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

Sign In Apply for Membership

Top Posters

Who's Online (1)

Powered by Vanilla. Made with Bootstrap.
Looking to introduce yourself? Look no further, and click here! We also have IRC! [irc.evilzone.org #iexploit]
Crappy Crypto challenge
  • Sh3llc0d3
    Posts: 1,910
    Well lots of talk of challenges and competitions so thought i'd put something together quickly... see if you can work things out. There's two an easy challenge and another which contains an extra stage to get the message. So yeah the point? You find negotiate various methods of encryption and then send my the message in a private message. What do you get? Eternal wisdom and knowing you're awesome... and of course a virtual high-five from me.

    Easy - http://pastebin.com/edQGBsev
    Extra stage - http://pastebin.com/LrTufUbW

    If you get really stuck then I'll send you a script I used to produce/crack the output/input and you can work it out yourself.

    Clues...
    • The cipher being used at one stage is a common way of encoding and produces a very distinctive output... before anyone corrects me this isn't true in all cases!
    • Another stage's encryption is a modern day application of a very old and famous cipher.
    • This is an easy challenge now... the last stage is less about crypto and more about hiding a message.

    Instead of giving similar clues for each challenge... one of the stages doesn't apply to the first challenge... work out which.

  • Mr. P-teoMr. P-teo
    Posts: 270
    not a clue what the encryption algo is, looks like something they found on the ship at Roswell.
    Skype: mrpt3o
    Twitter: MrPteo


    image
  • Sh3llc0d3
    Posts: 1,910
    To decrypt (2nd link):
    - C&P the data from pastebin into a file called raw.txt
    - You can do it by hand or by writing a script to automate the process... you need to next read the data from raw.txt and rot13 decode the data. Encode/Decode is the same as its just shifting the characters by 13. You can either write this to a new temp file or carry on to the next step...
    - base64 decode the tmp.txt and write the output from base64 decode to a .png file.
    - You should now be able to open the file and view the image - thats it. The first link doesn't include rot13 encoding and therefore looks a tad more like base64 encoding.

    Once you complete certain stages they become slightly more obvious, rot13/shift ciphers are simple to test for so we test output from various shifts and discover rot13 (+13 shift) which is an implementation from the original caesar cipher (+3 shift). Base64 is really more of a hunch test, but once you decode it via base64 the output will show PNG in the first line... we redirect stdout to a file  "base64 -d tmp.txt > test.png" for instance.
  • m0rph
    Posts: 332
    So THAT'S how this is done! I saw the base64 format at first, and when I decoded it I was like, "This is just a bunch of random text, I don't think this is what I was supposed to see." I will update as I continue the challenge, thanks for the tips Sh3llc0d3 :)
    while( !(succeed = try() ) );
  • Sh3llc0d3
    Posts: 1,910
    Its was just a really crap time filler while I'm working on a exploitme binary.
Add a Comment