randBox

Crypto - 120 Points

Find your random black box here:

randBox-iw8w3ae3.9447.plumbing port 9447

Note that the order of challenges has changed as of about 2015-11-28 23:00 UTC

Writeup

I’ve started connecting to the service with netcat

nc randBox-iw8w3ae3.9447.plumbing 9447

The server reply with this text:

Alphabet is '0123456789abcdef', max len is 64
You need to send a string that encrypts to 'cd7682a4404b2e7205a75449202d8a0a'
Guess 0/21 (Round 1/10)

So we will work with hex alphabet of len 32 (max 64) and the challenge is a Chosen Plaintext Attack.

NB. We have finished this challenge overtime, the Rounds order is based on the randBox.py source code

NB. Rounds are 10 but unique Cyphers are 6

Round 1-2

When sending a string like 0123456789abcdef the server reply with 54761032dcfe98ba.
So (thinking that it’s a Cesar Cipher) we can substitute all the char in the cipher string and get the plain string!

With the first Guess we take the alphabet and with the second we complete the round!

see cesar function in the python solver

Round 3-4

This was a simple shift (every char shifted of n positions). Lot of team made a different function sending 0 and getting the position shifting. I have simply reuse the cesar solver function that will work fine.

see cesar function in the python solver

Round 5

This was similar to Round 3 and 4, but the shifts are per position in the plaintext rather than constant for whole text. For example first character is shifted by X, second by Y etc.

It’s like a Vigenere Cipher, if we think that the shifting string (made up of every shift positions) is the key.
And in a Vigenere Cipher, the first char in the alphabet is the “mirror” that will reveal our “key”.
So to get the shifts information we send data 00000000000000000000000000000000 and then decrypt our Cipher string.

see vige function in the python solver

Round 6

This was a cyclic shift of the input by a random number of positions, dependent on the length of input, so to break it we need to know how many places will the shift be. We get this by sending data aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa1 and the couting how many places the 1 has moved.

see shift function in the python solver

Round 7

Begin hard round!

This was a little harder than the previous.

The Cipher start with a random constant, xor that with the first char in the plain string, take the result and xor again with the next char. Something like a cyclic xor.

We send the initial 0 for get the constant and then make the xor on the cipher string.

see xorPrev function in the python solver

Round 8

This was also a Cyclic Cipher, but this time was a sum between the current char and the previous char. (modulo 16!)
Sum the constant with the first char, the first char with the second and so on…

We get the constant with 0 and then we must subtract current - previous.

see sumPrev function in the python solver

Round 9

This was like the Cyclic XOR cipher but every pairs of 2 char was shifted (ex. 0123 -> 1032)

see xorSwap function in the python solver

Round 10

A Cyclic XOR like Round 7


Here you can download the randbox_solver.py

And here the final session with the solver

Round 1
Round 2
Round 3
Round 4
Round 5
Round 6
Round 7
Round 8
Round 9
Round 10
Round 11
> You got it!
9447{crYpt0_m4y_n0T_Be_S0_haRD}