CTF, Wargame,

S21SEC [DCS17CTF] – Venezuela

by 17 mayo, 2017no comment
score

Hi mates,

During my spare time i have tried some tasks from DSC17 CTF by S21sec. I will comment here on those in which I found more difficult or fun. FBCTF was present as platform so from here tasks names will be countries associated.

Venezuela – 400 points

This time we have a python script to cipher text and ciphered file. The contents of the python:

import sys, string
tcharset = string.lowercase + ' ,:.'
kcharset = [chr(x) for x in range(32,48) + range(58,65) + range(91,97) + range(123,127)]
for linea in sys.stdin:
	print ''.join([kcharset[tcharset.index(x)] for x in linea])

tcharset and kcharset are indeed used for «cipher» and «decipher» taking the index. Let’s see:

tcharset: abcdefghijklmnopqrstuvwxyz ,:. 
kcharset: [' ', '!', '"', '#', '$', '%', '&', "'", '(', ')', '*', '+', ',', '-', '.', '/', ':', ';', '<', '=', '>', '?', '@', '[', '\\', ']', '^', '_', '`', '{', '|', '}', '~']
secret.txt: +.<^"(%; #.<^/.;^<><=(=>"(.-^<.-^".,/ ; !+$<^ ^+.<^"(%; #.<^/.;^=; -</.<("(.-{^$-^>-^"(%; #.^/.;^=; -</.<("(.-_^+ <^>-(# #$<^#$+^=$[=.^/+ -.^<.-^" ,!( # <^>< -#.^>- ^.;#$- "(.-^#(%$;$-=$^\^-.;, +,$-=$^! <= -=$^".,/+$) _^/$;.^+ <^>-(# #$<^$-^<.^,(<, <^-.^<.-^,.#(%(" # <{^ '''^\^=>^! -#$; ^$<`^ ]$;( *_^(< =< ^+>]

So a char on secret correspond a position in tcharset by the index of kcharset. And so on … Modifying original script give us the secret text, swapping tcharset and kcharset:

import sys, string
tcharset = string.lowercase + ' ,:.'
kcharset = [chr(x) for x in range(32,48) + range(58,65) + range(91,97) + range(123,127)]
file = 'secreto_e47cadcff56cdcf8cb27eccb61dec09f.txt'
h = open(file, "r")

out='' 
for linea in h.readline():
	#print ''.join([tcharset[kcharset.index(x)] for x in linea])
	out+=''.join([tcharset[kcharset.index(x)] for x in linea])

print out

Result:

$ python HacedorDeSecretos_d696737c071ddf468da3d8884ae15f03.py 
los cifrados por sustitucion son comparables a los cifrados por transposicion. en un cifrado por transposicion, las unidades del texto plano son cambiadas usando una ordenacion diferente y normalmente bastante compleja, pero las unidades en so mismas no son modificadas. ahhh y tu bandera es: azeriak, isatsa luze

Flag: azeriak, isatsa luze

No hay contenido relacionado



Leave a Reply

Este sitio usa Akismet para reducir el spam. Aprende cómo se procesan los datos de tus comentarios.

Related posts

CTF,

Reimonware H-C0N 2023

by 7 marzo, 2023
webwarm
CTF,

ASIS CTF 2020. Web Warmup.

by 5 julio, 2020
im_babyrev
CTF,

CSAW. Red Team competition. «Babyrev»

by 1 octubre, 2018no comment
sshot-11
CTF,

Cybercamp 2018 quals: “Friend, where is my password?”

by 1 octubre, 2018no comment