Writeup: Redpwn 2019 - Dunce Crypto

(Updated: )
writeups
, , , ,

Information

  • category: crypto
  • points: 50

Description

Written by: blevy.
Emperor Caesar encrypted a message with his record-breaking high-performance encryption method. You are his tax collector that he is trying to evade. Fortunately for you, his crown is actually a dunce cap.

mshn{P_k0ua_d4ua_a0_w4f_tf_ahe3z}

Writeup

This challenge is straightforward. We know that the CTF flag starts with flag{. We can compute the difference of letters between m and f or create a bruteforce to try all possible rotations of the string. I chose the second one.

“exploit.py” :

1
2
3
4
5
6
7
8
9
10
11
12
13
14
ct = 'mshn{P_k0ua_d4ua_a0_w4f_tf_ahe3z}'
def encrypt(string, shift):
    cipher = ''
    for char in string: 
        if ord(char) <= 0x41 or (ord(char) >= 0x5b and ord(char) <= 0x60) or ord(char) >= 0x7a:
          cipher = cipher + char
        elif  char.isupper():
            cipher = cipher + chr((ord(char) + shift - 65) % 26 + 65)
        else:
            cipher = cipher + chr((ord(char) + shift - 97) % 26 + 97)
    return cipher

for i in range(1,26):
    print("plaintext : " + encrypt(ct, i) + "\ni : " + str(i) + "\n")

Output :

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
[...]
plaintext : djye{G_b0lr_u4lr_r0_n4w_kw_ryv3z}
i : 17

plaintext : ekzf{H_c0ms_v4ms_s0_o4x_lx_szw3z}
i : 18

plaintext : flag{I_d0nt_w4nt_t0_p4y_my_tax3z}
i : 19

plaintext : gmbh{J_e0ou_x4ou_u0_q4z_nz_uby3z}
i : 20

plaintext : hnci{K_f0pv_y4pv_v0_r4a_oa_vcz3z}
i : 21

plaintext : iodj{L_g0qw_z4qw_w0_s4b_pb_wda3z}
i : 22
[...]

Flag

flag{I_d0nt_w4nt_t0_p4y_my_tax3z}