Two week ago I took part in the CTF Hack the Vote ’16. It was a great experience even though the challenges were really tough. I was close to solve one of them awarding 200 points but finally I couldn’t find the way to call the php file server side. However there was one in the crypto area I solved really fast. Curiously I spent almost 5 hours in the other one and this one last me only 15 minutes. I show you how I did it in the next lines.
As a part of the scenario, someone was trying to hide information in some kind of code. You can find the code through this link.
As you can see, there is a combination of the terms TOP and KEK and an arbitrary number of exclamation marks after each literal. The TOP and KEK literals are one after each other and there is no repetition on 2 TOPs or 2 KEKs so that suggest a binary code. Assuming our supposition is true, the number of exclamation marks could be the number of times that symbol is repeated. So, we need to turn TOP into 1 and KEK into 0 and repeat it the number of times the following exclamation marks appear.
I managed to get this with a combination of shell commands and a very very small python script. Te be able to easily read the content of the file I just put it every term in one line.
# cat cypher.txt | tr ' ' '\n' > cypherlines.txt
Then with 7 lines in python we can get work done. This is the content of my decrypt.py.
#!/usr/bin/env python fd = open('cypherlines.txt','r') for line in fd.readlines(): numbers = line.count('!') if line.find('KEK') >= 0: print "0"*numbers, else: print "1"*numbers,
After printing everything there is still a space at the end of each sequence of 0s or 1s so we can eliminate them with sed. Another option would be just strip the 1s or 0s string.
We are almost done. The only thing that is pending is just change this into something readable. The most possible change is directly to ASCII so, googling for one, I found this one.
As a result of the conversion you get the flag you need to get your points ;).
See you in the next post!
++Security by Miguel A. Hernandez Ruiz