Penetrating Networks

0 %
Navid Fazle Rabbi
Sr. Security Researcher
Offensive Security Research
bKash Ltd.
Research Interest
  • ๐Ÿ”’ Web & Mobile AppSec
  • ๐Ÿ’ฅ Side-Channel Analysis
  • ๐Ÿค– AI Attacks & AI Security
  • ๐Ÿ”— Blockchain & Web3 Security
  • ๐ŸŒ Browser Security
  • ๐Ÿ’ป Source Code Analysis
  • ๐Ÿ” Real-world Cryptograpy
  • ๐Ÿ’ฃ Exploit Development
  • ๐Ÿ”„ Reverse Engineering
  • ๐ŸŒ IoT Security

HackTheBox | Crypto | BabyEncryption Walkthrough

August 7, 2022

My approach to solving a basic Hack The Box encryption challenge. For me, the most significant aspect of this challenge was developing a decrypt-or to decrypt the encryption technique used to create the encryption.

Link to the Challenge

The Challenge describes a message that must be decrypted. If we download the specified files and unzip them, we obtain the following:

We can see that the archive contains 2 files –

  1. chall.py
  2. msg.enc

Closely looking into the files –

msg.enc contains an encrypted message. Now if we look into the python script –

import string
from secret import MSG #takes in a random value

#following function describes how the message is encrypted
def encryption(msg):
    ct = []
    for char in msg:
        ct.append((123 * char + 18) % 256) #encryption algorithm
    return bytes(ct)

ct = encryption(MSG)
f = open('./msg.enc','w')
f.write(ct.hex()) #output is in hex
f.close()

Therefore, we may conclude that msg.enc is in hex format. Now crafting the following decryptor (Download it from here) –

with open ('msg.enc','r') as file:
    secret = file.read()

ct = bytes.fromhex(secret)
plaintext = ''

for i in ct:
    for j in range(33,126):
        if ((123 * j + 18) % 256) == i:
            plaintext += chr(j)
            break

print(plaintext)

We get the solution, after running the script.

Posted in CTFTags: