DamCTF Writeup – bad-patterns
# Information:
CTF Name: DamCTF
CTF Challenge: misc/bad-patterns
Challenge Category: Misc
Challenge Points: 235
By: BaboonWithTheGoon
DamCTF 2021
# Used Tools:
# Challenge Description:
A hacker was too lazy to do proper encryption. However, they left us some examples of how their encryption “algo” was supposed to work.
original text : “Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.” encoded:
"Lpthq jrvym!frpos"vmt!cpit-"fsntgfxeuwu$aeksmsdkqk fnlx,!uhh eq#iivupsd!vhqppt#mndkgmdvpw$uu"oebpth$eu"gslpth$mbiqe bnluub0#Yt!gqmm!cg$mjplq wgqman.#uuju#rotvuyd!g{irdkwetjqq$umndqcp"oebptlw okvm vv#eljsxmp!g{$eb"fsmnqgs dqqwerwdx.!Fxms!cxxe!kuyrf"gslpt#mn!thtrfjhrdftlx jp#zomwsxaug#zemkw$etuh$cjnoym!frposg#iu!hxkibv#rumnd$pbtletvt1$Eyehttfwu$sjpw$odedicbv#guqkgetbv#roo"svojfhrt-"vynu"lr dwota!sxm phimcjc#hetguynu"pslmkw$aokp$ie"hwt!ndfoswp2"
Find the pattern!
Maybe you should try the same pattern on this string:
bagelarenotwholewheatsometimes
Make sure you wrap your solution with dam{...}
!
# Writeup
Hello, welcome to my writeup for the DamCTF challenge bad-patterns.
In this challenge we are presented with the original text and the encoded one. According to the challenge description this encoding was done by a laze hacker who did not use proper encryption.
After looking at both texts carefully I was able to spot the “bad pattern”.
In fact, what we have here is simple an incremental shift right of the letters in loops of 5. Let me show you an example:
Lorem i -> the original text.
Lpthq j -> the encoded text.
We have:
L becomes L which comes from L + 0 = L
o becomes p which comes from o + 1 = p
r becomes t which comes from r + 2 = t
e becomes h which comes from e + 3 = h
m becomes q which comes from m + 4 = q
” ” becomes ” ” which comes from ” ” + 0 = ” “
i becomes j which comes from i + 1 = j
…
This simple pattern repeats it self across the entire text. To solve this I decided to create a script to automate the process and check my logic quickly, this was the resulting Python 3 script:
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
#!/usr/bin python3
def decode_bad_pattern(s):
string_size = len(s)
res = ""
for i in range(0, string_size, 5):
res += chr(ord(s[i]) - 0)
res += chr(ord(s[i+1]) - 1)
res += chr(ord(s[i+2]) - 2)
res += chr(ord(s[i+3]) - 3)
res += chr(ord(s[i+4]) - 4)
return res
def encode_bad_pattern(s):
string_size = len(s)
res = ""
for i in range(0, string_size, 5):
res += chr(ord(s[i]) + 0)
res += chr(ord(s[i+1]) + 1)
res += chr(ord(s[i+2]) + 2)
res += chr(ord(s[i+3]) + 3)
res += chr(ord(s[i+4]) + 4)
return res
print(encode_bad_pattern("bagelarenotwholewheatsometimes"))
The first function decodes the “bad pattern” and the second encodes it.
As you can see we have the same exact logic in this code as in the explanation above. To test if this code was correct I simply called the function decode_bad_patterns on the initial encoded text. It worked, I got the exact same original text back.
Afterwards, I decided to run this code on the suggest string -> bagelarenotwholewheatsometimes, and I got the flag.
And the flag is:
Thank you very much for reading!
Cheers,
MRegra