HackTM Quals20 - RSA is easy #2
Posted on mer. 05 février 2020 in CTF
solves : 157
RSA is easy #2
50 Points
Provide the flag in this format:
HackTM{words_you_found}
Example:
If you find "i am a flag"
submit:
HackTM{i_am_a_flag}
Author: stackola
challenge_files_2.zip bebe0b93b184fd375c3462488c9fde01
Same as RSA is easy #1, we have exactly the same python script but with a new c file.
This time, we don't have the public key informations:
Public key:
[DATA CORRUPTED]
We can't use the same bruteforce way to get back the clear text. But we got a lot of chipher text. We can replace each uniq occurence with a letter or number and make a frequence analysis.
Let's make a file with all the line and check how many different numbers we have:
$ tail -n 1 c | sed -E 's/\[(.*)\]/\1/g' | sed 's/, /\n/g' | wc -l
1111
tail -n 1 c | sed -E 's/\[(.*)\]/\1/g' | sed 's/, /\n/g' | sort -n | uniq |wc -l
31
So. We got 1111 lines with 31 different values. We need to replace now each value. We can use some python code to do it:
mapping = {}
cur = "a"
for x in cipher:
if x not in mapping:
mapping[x] = cur
cur = chr(ord(cur)+1)
mapped = []
freqs = {}
for x in cipher:
mapped.append(mapping[x])
if mapping[x] not in freqs:
freqs[mapping[x]] = 1
else:
freqs[mapping[x]] += 1
freqs_sorted = {k: v for k, v in sorted(freqs.items(), key=lambda item: item[1], reverse=True)}
print(''.join(mapped).replace(list(freqs_sorted.keys())[0], " "))
We got finally some new text.
abcd f agh fd ijkkclc fd mbc cgnko pqhr f sctfhcs abgm f uckfctcs agh g unfkkfgdm cdinovmfjd hibcwcx g hfwvkc vhcysjngdsjw dywucn hmncgw agh gsscs mj mbc vkgfdmczm hmncgw mj incgmc ifvbcnmczmx mbfh ajyks hccwfdlko mbagnm gdo {nc|ycdio gdgkohfh j{ mbc ifvbcnmczmr gds ajyks uc ydingi}gukc ctcd mj mbc wjhm nchjynic{yk ljtcndwcdm fdmckkflcdic glcdifchx f {ckm hj hwyl gujym wo gibfctcwcdmx ocgnh kgmcnr f sfhijtcncs mbfh hgwc hibcwc fd hctcngk fdmnjsyimjno inovmjlngvbo mczmh gds mymjnfgk vgvcnhx bja dficx jmbcn inovmjlngvbcnh bgs mbjylbm j{ mbc hgwc hibcwcx yd{jnmydgmckor mbc hibcwc agh vnchcdmcs gh g hfwvkc bjwcajn} ghhfldwcdm jd bja mj yhc ckcwcdmgno inovmgdgkomfi mcibdf|ych mj mnftfgkko ingi} fmx hj wyib {jn wo unfkkfgdm hibcwcx {njw mbfh bywukfdl czvcnfcdic f kcgndcs bja cgho fm fh mj {gkk fdmj g {gkhc hcdhc j{ hciynfmo abcd sctfhfdl gd cdinovmfjd gkljnfmbwx wjhm vcjvkc sjd~m ncgkfc bja {fcdsfhbko sf{{fiykm fm fh mj sctfhc gd cdinovmfjd gkljnfmbw mbgm igd afmbhmgds g vnjkjdlcs gds scmcnwfdcs gmmgi} uo g nchjynic{yk jvvjdcdmx bcnc fh mbc {kglx abcd fm ijwch mj inovmj jn ignvcm dctcn njkk ojyn jad
I used the website quipqiup to revert this text and get back the original one:
when i was in college in the early fjsk i devised what i believed was a brilliant encryption schemez a simple pseudorandom number stream was added to the plaintext stream to create ciphertextz this would seemingly thwart any {re|uency analysis o{ the ciphertextk and would be uncrac}able even to the most resource{ul government intelligence agenciesz i {elt so smug about my achievementz years laterk i discovered this same scheme in several introductory cryptography texts and tutorial papersz how nicez other cryptographers had thought o{ the same schemez un{ortunatelyk the scheme was presented as a simple homewor} assignment on how to use elementary cryptanalytic techni|ues to trivially crac} itz so much {or my brilliant schemez {rom this humbling experience i learned how easy it is to {all into a {alse sense o{ security when devising an encryption algorithmz most people don~t realie how {iendishly di{{icult it is to devise an encryption algorithm that can withstand a prolonged and determined attac} by a resource{ul opponentz here is the {lagz when it comes to crypto or carpet never roll your own
Since we used some special chars to replace all the 31 one different numbers, we got some letter not replaced. But, the text is readable and we can get the flag: HackTM{when_it_comes_to_crypto_or_carpet_never_roll_your_own}.