keyboard_arrow_up

title: Writeup DamCTF 2021 - bad-patterns
date: Nov 10, 2021
tags: DamCTF writeups misc


Writeup DamCTF 2021 - bad-patterns

Description:

A hacker was too lazy to do proper encryption. However, they left us some examples of how their encryption "algo" was supposed to work.

original text : "Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum."

encoded: "Lpthq jrvym!frpos"vmt!cpit-"fsntgfxeuwu$aeksmsdkqk fnlx,!uhh eq#iivupsd!vhqppt#mndkgmdvpw$uu"oebpth$eu"gslpth$mbiqe bnluub0#Yt!gqmm!cg$mjplq wgqman.#uuju#rotvuyd!g{irdkwetjqq$umndqcp"oebptlw okvm vv#eljsxmp!g{$eb"fsmnqgs dqqwerwdx.!Fxms!cxxe!kuyrf"gslpt#mn!thtrfjhrdftlx jp#zomwsxaug#zemkw$etuh$cjnoym!frposg#iu!hxkibv#rumnd$pbtletvt1$Eyehttfwu$sjpw$odedicbv#guqkgetbv#roo"svojfhrt-"vynu"lr dwota!sxm phimcjc#hetguynu"pslmkw$aokp$ie"hwt!ndfoswp2"

Find the pattern!

Maybe you should try the same pattern on this string:

bagelarenotwholewheatsometimes

Make sure you wrap your solution with `dam{...}`!

Author: BaboonWithTheGoon
361 solves / 235 points

Seems like a simple "crypto" challenge. We have both the original text and cipher text. And we need to find the key. maybe we have some xor here since both plain text and cypher have the same lenght.

As we know, if a xor b = c, then a xor c = b. Let's create a little program to do plain xor cypher:

#!/usr/bin/env python3
# get pattern
text = "Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum."

encoded = "Lpthq jrvym!frpos\"vmt!cpit-\"fsntgfxeuwu$aeksmsdkqk fnlx,!uhh eq#iivupsd!vhqppt#mndkgmdvpw$uu\"oebpth$eu\"gslpth$mbiqe bnluub0#Yt!gqmm!cg$mjplq wgqman.#uuju#rotvuyd!g{irdkwetjqq$umndqcp\"oebptlw okvm vv#eljsxmp!g{$eb\"fsmnqgs dqqwerwdx.!Fxms!cxxe!kuyrf\"gslpt#mn!thtrfjhrdftlx jp#zomwsxaug#zemkw$etuh$cjnoym!frposg#iu!hxkibv#rumnd$pbtletvt1$Eyehttfwu$sjpw$odedicbv#guqkgetbv#roo\"svojfhrt-\"vynu\"lr dwota!sxm phimcjc#hetguynu\"pslmkw$aokp$ie\"hwt!ndfoswp2"

pattern = ""

for i in range(encoded.__len__()):
    pattern+= str(ord(encoded[i]) - ord(text[i]))

print(pattern)

output:

0123401234012340123401234012340123401234012340123401234012340123401234012340123401234012340123401234012340123401234012340123401234012340123401234012340123401234012340123401234012340123401234012340123401234012340123401234012340123401234012340123401234012340123401234012340123401234012340123401234012340123401234012340123401234012340123401234012340123401234012340123401234012340123401234012340123401234012340123401234012340123401234012340123401234

That was a good guess! The key is 1234 repeated throughout the sentence.

Let's try to decode the cypher they gave us:

encoded = "Lpthq jrvym!frpos\"vmt!cpit-\"fsntgfxeuwu$aeksmsdkqk fnlx,!uhh eq#iivupsd!vhqppt#mndkgmdvpw$uu\"oebpth$eu\"gslpth$mbiqe bnluub0#Yt!gqmm!cg$mjplq wgqman.#uuju#rotvuyd!g{irdkwetjqq$umndqcp\"oebptlw okvm vv#eljsxmp!g{$eb\"fsmnqgs dqqwerwdx.!Fxms!cxxe!kuyrf\"gslpt#mn!thtrfjhrdftlx jp#zomwsxaug#zemkw$etuh$cjnoym!frposg#iu!hxkibv#rumnd$pbtletvt1$Eyehttfwu$sjpw$odedicbv#guqkgetbv#roo\"svojfhrt-\"vynu\"lr dwota!sxm phimcjc#hetguynu\"pslmkw$aokp$ie\"hwt!ndfoswp2"

pattern = "01234"

text = ""

for i in range(encoded.__len__()):
    text+= chr(ord(encoded[i]) - int(pattern[i % 5]))

print(text)

output:

Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.

Nice! We got the plain text back, the last thing we need to do is to encode bagelarenotwholewheatsometimes as said in the description:

text = "bagelarenotwholewheatsometimes"
pattern = "01234"
encoded = ""

for i in range(text.__len__()):
    encoded+= chr(ord(text[i]) + int(pattern[i % 5]))

print(encoded)

output:

bbihpasgqstxjrpexjhettqpitjohw

Flag: dam{bbihpasgqstxjrpexjhettqpitjohw}