CTF: BITSCTF 2017
Points: 20
Category: Crypto
Description
Brute and get the base 32 format of flag.
encrypted.txt: MZYVMIWLGBL7CIJOGJQVOA3IN5BLYC3NHI
This task is worth 20 points, but only 8 teams solved it during the CTF, and I really wonder why.
Before we start, I assume that everyone knows how base32 works: link.
Solution
The task description tells us that the flag was converted to base32 and then somehow encrypted.
From other tasks we know the flag format, and when we compare it with the ciphertext length we can assume that the plaintext looks like this: BITSCTF{*************}.
Let’s encode the first five letters of the flag (one block of base32), BITSC, to base32: IJEVIU2D.
Compare the base32 encoding of those first 5 letters with the start of the ciphertext:
    I J E V I U 2 D
    M Z Y V M I W L
We can see that every letter in the ciphertext decodes to a distinct letter in the plaintext (with M decoding to I both times), so we can guess that this is some kind of monoalphabetic substitution cipher.
Let’s look for any patterns in the ciphertext alphabet.
Our alphabet (all base32 letters, with their indexes):
     A  B  C  D  E  F  G  H  I  J  K  L  M  N  O  P  Q  R  S  T  U  V  W  X  Y  Z  2  3  4  5  6  7
     0  1  2  3  4  5  6  7  8  9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31
Encrypting the alphabet (known ciphertext letters and their indexes, ? where unknown):
     A  B  C  D  E  F  G  H  I  J  K  L  M  N  O  P  Q  R  S  T  U  V  W  X  Y  Z  2  3  4  5  6  7
     ?  ?  ?  L  Y  ?  ?  ?  M  ?  ?  ?  ?  ?  ?  ?  ?  ?  ?  ?  I  V  ?  ?  ?  J  W  ?  ?  ?  ?  ?
             11 24          12                                   8 21           9 22
So:
     3 -> 11
     4 -> 24
     8 -> 12
    20 -> 8
    21 -> 21
    25 -> 9
    26 -> 22
When we look closely we can see that this is encrypted with an affine cipher, with a = 13 and b = 4: each base32 index p is mapped to (13 * p + 4) mod 32.
By the way, after finding that pattern we realize that the title of this task is an anagram of the word affine.
So our encrypted alphabet will look like this:
     A  B  C  D  E  F  G  H  I  J  K  L  M  N  O  P  Q  R  S  T  U  V  W  X  Y  Z  2  3  4  5  6  7
     4 17 30 11 24  5 18 31 12 25  6 19  0 13 26  7 20  1 14 27  8 21  2 15 28  9 22  3 16 29 10 23
     E  R  6  L  Y  F  S  7  M  Z  G  T  A  N  2  H  U  B  O  3  I  V  C  P  4  J  W  D  Q  5  K  X
Now we can get our plaintext:
    MZYVMIWLGBL7CIJOGJQVOA3IN5BLYC3NHI -> IJEVIU2DKRDHWUZSKZ4VSMTUN5RDEWTNPU
After that we need to add the base32 padding, and finally we can read our solution:
    import base64
    print(base64.b32decode('IJEVIU2DKRDHWUZSKZ4VSMTUN5RDEWTNPU======'))
    # -> b'BITSCTF{S2VyY2tob2Zm}'
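The same recovery done programmatically, as an added example that is not part of the original write-up: it brute-forces the affine key (a, b) against the known BITSC prefix, inverts the map on base32 indexes and decodes the flag. The function names are my own, and `pow(a, -1, 32)` assumes Python 3.8 or later.

```python
import base64

B32 = "ABCDEFGHIJKLMNOPQRSTUVWXYZ234567"            # RFC 4648 base32 alphabet
CIPHERTEXT = "MZYVMIWLGBL7CIJOGJQVOA3IN5BLYC3NHI"   # from encrypted.txt
CRIB = b"BITSC"  # known flag prefix; 5 bytes fill exactly one base32 block


def recover_keys(ciphertext, crib):
    """Return every (a, b) where c = (a*p + b) mod 32 matches the crib."""
    known = base64.b32encode(crib).decode()          # 'IJEVIU2D'
    pairs = [(B32.index(p), B32.index(c)) for p, c in zip(known, ciphertext)]
    return [
        (a, b)
        for a in range(1, 32, 2)   # only odd a is invertible mod 32
        for b in range(32)
        if all((a * p + b) % 32 == c for p, c in pairs)
    ]


def decrypt(ciphertext, a, b):
    """Invert the affine map on base32 indexes: p = a^-1 * (c - b) mod 32."""
    a_inv = pow(a, -1, 32)         # modular inverse of a
    return "".join(B32[a_inv * (B32.index(c) - b) % 32] for c in ciphertext)


def decode_flag(b32_text):
    """Restore the '=' padding that base32 requires, then decode."""
    padded = b32_text + "=" * (-len(b32_text) % 8)
    return base64.b32decode(padded).decode()


if __name__ == "__main__":
    keys = recover_keys(CIPHERTEXT, CRIB)
    print("candidate keys:", keys)
    for a, b in keys:
        plain_b32 = decrypt(CIPHERTEXT, a, b)
        print(plain_b32, "->", decode_flag(plain_b32))
```

Because the crib contains the adjacent indexes 8 (I) and 9 (J), the key is pinned down uniquely and the search returns a single candidate.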
Easter egg:
The flag is the base64 encoding of the string ‘Kerckhoff’:
    $ echo -n "S2VyY2tob2Zm" | base64 -d
    Kerckhoff
It is the best