[WARGAME NDH 2016] Write-Up – Crypto: OMG So Encrypted !

11
juil.
2016
  • Google Plus
  • LinkedIn
  • Viadeo
Posted by: Yann C.  /   Category: Cryptanalyse / Cryptologie / CTF / Events / NDH / NDH2k16 / Wargame   /   Pas de commentaire

Présentation d’un write-up de résolution du challenge « Crypto – OMG So Encrypted !» du WARGAME de la Nuit du Hack 2016.

Le weekend du 02-03 juillet 2016 se déroulait le WARGAME de la Nuit du Hack 2016 sous forme d’un CTF Jeopardy. Ayant eu l’occasion et le temps d’y participer avec quelques collègues et amis, voici un write-up de résolution d’un des challenges auquel nous avons pu participer.

  • Catégorie : Crypto
  • Nom : OMG So Encrypted !
  • Description : Some very confidential information were encod^Wencrypted in order to hide it from hackers like you. Are you able to retrieve it?
  • URL : http://static.wargame.ndh/omg_so_encrypted.txt
  • Points : 100

tl;dr : ROT13 decode puis analyse sémantique

On récupère le contenu du fichier texte :

Guvf grkg vf urer gb fvzhyngr n frzragvp nanylfvf. Vg zrnaf gung jura lbh trg n
pbecbengr qbphzrag, lbh hfhnyyl unir gb ernq vg naq nanylfr vg orsber lbh trg
gur hfrshy vasbezngvba. Gur synt fgnegf jvgu 'aqu2x16_'. Nsgre gung, gurer vf
gur unfu. irel svefg yrggre bs gur unfu frrzf gb or 1. friragrragu yrggre bs
gur unfu nccrnef gb or 4. ryriragu yrggre bs gur unfu nccrnef gb or 5. gjragl-
frpbaq yrggre bs gur unfu jvyy unir gur inyhr bs s. fvkgrragu yrggre bs gur
unfu vf 0. gjragl-guveq yrggre bs gur unfu fubhyq or p. guveq yrggre bs gur
unfu frrzf gb or 0. fvkgu yrggre bs gur unfu frrzf gb or 5. gjragl-fvkgu yrggre
bs gur unfu jvyy unir gur inyhr bs 0. rvtugu yrggre bs gur unfu jnf frg gb 2.
guvegrragu yrggre bs gur unfu jnf frg gb 1. svsgrragu yrggre bs gur unfu fubhyq
or o. gragu yrggre bs gur unfu frrzf gb or s. gjragl-friragu yrggre bs gur unfu
jnf frg gb s. svsgu yrggre bs gur unfu jnf frg gb 9. gjrysgu yrggre bs gur unfu
nccrnef gb or n. guvegl-frpbaq yrggre bs gur unfu fubhyq or q. gjragl-avagu
yrggre bs gur unfu frrzf gb or 0. gjragl-svefg yrggre bs gur unfu jnf frg gb p.
avargrragu yrggre bs gur unfu frrzf gb or p. gjragl-rvtugu yrggre bs gur unfu
frrzf gb or r. sbhegu yrggre bs gur unfu jnf frg gb 4. avagu yrggre bs gur unfu
vf n. gjragvrgu yrggre bs gur unfu jvyy unir gur inyhr bs 1. guvegl-svefg
yrggre bs gur unfu fubhyq or 6. rvtugrragu yrggre bs gur unfu jvyy unir gur
inyhr bs r. frpbaq yrggre bs gur unfu frrzf gb or 8. sbhegrragu yrggre bs gur
unfu fubhyq or p. gjragl-svsgu yrggre bs gur unfu fubhyq or 5. gjragl-sbhegu
yrggre bs gur unfu jvyy unir gur inyhr bs o. friragu yrggre bs gur unfu fubhyq
or 6. guvegvrgu yrggre bs gur unfu jnf frg gb 9.

Le « lapsus » de la définition du challenge, remplaçant « encodé » par « chiffré » nous oriente vers un algorithme potentiellement faible, obsolète, voire historique. Le Chiffre de César (ROT13) se porte bien au cas présent.

Tentons de décoder ce texte via un ROT13 online :

This text is here to simulate a sementic analysis. It means that when you get a corporate document, you usually have to read it and analyse it before you get the useful information. The flag starts with 'ndh2k16_'. After that, there is the hash. very first letter of the hash seems to be 1. seventeenth letter of the hash appears to be 4. eleventh letter of the hash appears to be 5. twenty- second letter of the hash will have the value of f. sixteenth letter of the hash is 0. twenty-third letter of the hash should be c. third letter of the hash seems to be 0. sixth letter of the hash seems to be 5. twenty-sixth letter of the hash will have the value of 0. eighth letter of the hash was set to 2. thirteenth letter of the hash was set to 1. fifteenth letter of the hash should be b. tenth letter of the hash seems to be f. twenty-seventh letter of the hash was set to f. fifth letter of the hash was set to 9. twelfth letter of the hash appears to be a. thirty-second letter of the hash should be d. twenty-ninth letter of the hash seems to be 0. twenty-first letter of the hash was set to c. nineteenth letter of the hash seems to be c. twenty-eighth letter of the hash seems to be e. fourth letter of the hash was set to 4. ninth letter of the hash is a. twentieth letter of the hash will have the value of 1. thirty-first letter of the hash should be 6. eighteenth letter of the hash will have the value of e. second letter of the hash seems to be 8. fourteenth letter of the hash should be c. twenty-fifth letter of the hash should be 5. twenty-fourth letter of the hash will have the value of b. seventh letter of the hash should be 6. thirtieth letter of the hash was set to 9

Un texte intelligible ! Qui nous détaille clairement comment est formé le flag. Seulement, en analysant le « sens » du message, les phrases indiquant la position de chaque caractère composant le flag sont en désordre.

Soit on s’oriente vers un décodage manuel (où des erreurs peuvent se glisser), ou alors on fait un petit script qui s’occupe du travail pour nous :

  • On décode le cipher original
  • On restaure tout le texte en une seule ligne
  • Découpage sur le caractère « . » de chaque phrase
  • On récupère le premier mot de chaque phrase (l’ordre)
  • On récupère le dernier caractère de chaque phrase (partie du flag)
  • On ré-ordonne le tout
import codecs
import sys

cipher="""
Guvf grkg vf urer gb fvzhyngr n frzragvp nanylfvf. Vg zrnaf gung jura lbh trg n
pbecbengr qbphzrag, lbh hfhnyyl unir gb ernq vg naq nanylfr vg orsber lbh trg
gur hfrshy vasbezngvba. Gur synt fgnegf jvgu 'aqu2x16_'. Nsgre gung, gurer vf
gur unfu. irel svefg yrggre bs gur unfu frrzf gb or 1. friragrragu yrggre bs
gur unfu nccrnef gb or 4. ryriragu yrggre bs gur unfu nccrnef gb or 5. gjragl-
frpbaq yrggre bs gur unfu jvyy unir gur inyhr bs s. fvkgrragu yrggre bs gur
unfu vf 0. gjragl-guveq yrggre bs gur unfu fubhyq or p. guveq yrggre bs gur
unfu frrzf gb or 0. fvkgu yrggre bs gur unfu frrzf gb or 5. gjragl-fvkgu yrggre
bs gur unfu jvyy unir gur inyhr bs 0. rvtugu yrggre bs gur unfu jnf frg gb 2.
guvegrragu yrggre bs gur unfu jnf frg gb 1. svsgrragu yrggre bs gur unfu fubhyq
or o. gragu yrggre bs gur unfu frrzf gb or s. gjragl-friragu yrggre bs gur unfu
jnf frg gb s. svsgu yrggre bs gur unfu jnf frg gb 9. gjrysgu yrggre bs gur unfu
nccrnef gb or n. guvegl-frpbaq yrggre bs gur unfu fubhyq or q. gjragl-avagu
yrggre bs gur unfu frrzf gb or 0. gjragl-svefg yrggre bs gur unfu jnf frg gb p.
avargrragu yrggre bs gur unfu frrzf gb or p. gjragl-rvtugu yrggre bs gur unfu
frrzf gb or r. sbhegu yrggre bs gur unfu jnf frg gb 4. avagu yrggre bs gur unfu
vf n. gjragvrgu yrggre bs gur unfu jvyy unir gur inyhr bs 1. guvegl-svefg
yrggre bs gur unfu fubhyq or 6. rvtugrragu yrggre bs gur unfu jvyy unir gur
inyhr bs r. frpbaq yrggre bs gur unfu frrzf gb or 8. sbhegrragu yrggre bs gur
unfu fubhyq or p. gjragl-svsgu yrggre bs gur unfu fubhyq or 5. gjragl-sbhegu
yrggre bs gur unfu jvyy unir gur inyhr bs o. friragu yrggre bs gur unfu fubhyq
or 6. guvegvrgu yrggre bs gur unfu jnf frg gb 9.
""".rstrip()

# Define all ordinal
order = [ "very", # "very first"
 "second", 
 "third", 
 "fourth", 
 "fifth", 
 "sixth", 
 "seventh", 
 "eighth", 
 "ninth", 
 "tenth", 
 "eleventh", 
 "twelfth", 
 "thirteenth", 
 "fourteenth", 
 "fifteenth", 
 "sixteenth", 
 "seventeenth", 
 "eighteenth", 
 "nineteenth", 
 "twentieth", 
 "twenty-first", 
 "twenty-second", 
 "twenty-third",
 "twenty-fourth", 
 "twenty-fifth", 
 "twenty-sixth", 
 "twenty-seventh", 
 "twenty-eighth", 
 "twenty-ninth", 
 "thirtieth", 
 "thirty-first", 
 "thirty-second"
 ]

dic = {}

# ROT13 decode, clean newline and clean composed-ordinal :
decoded=codecs.decode(cipher, 'rot_13').replace("\n", " ").replace("- ", "-");

# Cut all sentences
arrayDecoded=decoded.split('.')

for line in arrayDecoded:
 line = line.strip()
 print line
 lineSplited = line.split()
 if len(lineSplited) > 0:
 # Get the first word of line (ordinal)
 firstWord = lineSplited[0]
 # Save the last char (part of flag)
 lastChar = line[-1]
 if firstWord in order:
 # Store the last char in right order
 dic[firstWord] = lastChar
 
# Print the flag
sys.stdout.write("Flag : ndh2k16_")
for o in order:
 sys.stdout.write(dic[o])

Une petite exécution :

$ python omg_so_encrypted.py
This text is here to simulate a sementic analysis
It means that when you get a corporate document, you usually have to read it and analyse it before you get the useful information
The flag starts with 'ndh2k16_'
After that, there is the hash
very first letter of the hash seems to be 1
seventeenth letter of the hash appears to be 4
eleventh letter of the hash appears to be 5
twenty-second letter of the hash will have the value of f
sixteenth letter of the hash is 0
twenty-third letter of the hash should be c
third letter of the hash seems to be 0
sixth letter of the hash seems to be 5
twenty-sixth letter of the hash will have the value of 0
eighth letter of the hash was set to 2
thirteenth letter of the hash was set to 1
fifteenth letter of the hash should be b
tenth letter of the hash seems to be f
twenty-seventh letter of the hash was set to f
fifth letter of the hash was set to 9
twelfth letter of the hash appears to be a
thirty-second letter of the hash should be d
twenty-ninth letter of the hash seems to be 0
twenty-first letter of the hash was set to c
nineteenth letter of the hash seems to be c
twenty-eighth letter of the hash seems to be e
fourth letter of the hash was set to 4
ninth letter of the hash is a
twentieth letter of the hash will have the value of 1
thirty-first letter of the hash should be 6
eighteenth letter of the hash will have the value of e
second letter of the hash seems to be 8
fourteenth letter of the hash should be c
twenty-fifth letter of the hash should be 5
twenty-fourth letter of the hash will have the value of b
seventh letter of the hash should be 6
thirtieth letter of the hash was set to 9

Flag : ndh2k16_18049562af5a1cb04ec1cfcb50fe096d

Flag : ndh2k16_18049562af5a1cb04ec1cfcb50fe096d

Merci à toute l’équipe de la NDH2K16 pour cet événement et pour toute l’organisation !

Salutations à nj8, St0rn, Emiya, Mido, downgrade, Ryuk@n et tout ceux dont je n’ai hélas pas le pseudo :), on remet ça quand vous voulez 😉 // Gr3etZ

Sources & ressources :

  • Google Plus
  • LinkedIn
  • Viadeo
Yann C.

About the Author : Yann C.

Consultant en sécurité informatique et s’exerçant dans ce domaine depuis le début des années 2000 en autodidacte par passion, plaisir et perspectives, il maintient le portail ASafety pour présenter des articles, des projets personnels, des recherches et développements, ainsi que des « advisory » de vulnérabilités décelées notamment au cours de pentest.