--- title: peaCTF 2019 (Round1) - [Crypto] Crack The Key (450pts) author: Maltemo tags: CTF, peaCTF, Crypto, Vigenere --- peaCTF 2019 (Round1) - [Crypto] Crack The Key (450pts) === Written by [Maltemo](https://twitter.com/Maltemo), member of team [SinHack](https://sinhack.blog/). [TOC] ## Statement of the challenge ### Description On one of my **frequent** walks through the woods, I stumbled upon this old French scroll with the title "le chiffre indéchiffrable." Remember to submit as peaCTF{plaintext_key}. ### Encrypted file :lock: The file attached was `enc.txt` and contained : ```= DVMDVRWOUISIERRRGNNVMWPOPGTOHSBUIHTCSSMJIVUWEXHTCTKZKFXIENWTDDOVMEOWDZRQEBQPVLFWKJBGL EEDALGCIVLQGLTWTCMFXSIAQTLTUGZQZZWOPVGIRCSLRUZRJUZBQSXSPXGJMGTPRPUGRSIVRGUDAFXHTNLVVBMF ZMQSFUWTWTFSWHIGXHTQLGCUSRGLEIWWXXWWCJDAIFXGAPDWGWFHTZSVOBISITRVUTTVRTWTDGMCPHGGNRDB POIZZWZPGHTTDQPHOYIUTUEWJDCPWORWDAZREDNHYSJZRJPAFSOCPDXZVPLVPGMNIWPFWUVRDUJINIDFXLYIUTE NWAHITVJZRJPVQEFAJEXWIMQVIYPTWGZYYYXKTNNVMQJTPVZRJHEBVDWPOKGEIUDCAHDJGTRYKLHSILXHPIZPVDE MDZGLEEGTDWDMGSTRAHXIPFGRVKPLUEDPHEVSEKHSZREMDCELWGVHKQBYSCXRLLRRGLQFLESIZGGDQXCQPETT XEXGKLHDBUIRPCTQSCWLIPNHBTTYEYIIHSBUETIWPCKYSXALNPLBTPXAEXKTJVKBPGYEKJSRCIFQRYDYIKNEVHISILN DFXGWXKTENCOASXEBFVVDPRAAHPWASPWFPTYIDIWZYYYXKTVNQEJCOIJNLLRPUIHPSMIWEIAWQOMTTSHEKNMOAQ AKDDCMISLXBLIFWOWXRLDPVHVIEHESDYXZVJDGUGLAITGIJPSQTENWQJXEIJVEGNBBPOHTLRZFYUHAYIEEXYSJUIUI WUIAGLSELYIKPLGSSPNLXGEIHCLBJTWTMMYSEUCWAESDGESXIELHMQTLPIQSJDQDYWEAAHPWVWRHBTVFGOCRPH GELLHJRHOUHEVSNYQSMEELPCEIJEAKXKULUCVQVGDEETIZLELPDXOVPYTGRERHDWHSEHKPLYETTAJKJFAQGIGLEG HESMKFXIPRAAHHEMDCEPPRRWTXRWSGBMQVXVKWXISEOZWHPVQFECTGSDVRWPXCIAGPYGWZRVEQGIOUISIXRG WIPNXHXHEYKYIVWIQREKTCFWVRFJBOIFDGPPGEKWWMBXHTGLRADEOHJRKACIZEJIMYTIAHMPZPXZVQVTTIISRDXJGI XDQTREFITCXZVMUSQSJEGTYXXRWKXWAWFXGDXURQHIPRXHGTPHGXWEACRFEAAUIKJMHPVQTICRSIJRRGIPRRTWT AMYJAKDARXTATOHGNRLCBUISIGLAADQHSQNXEANTRXISQIWSXHTEWELWSUBBUIHTCDTWIGKTLGLEBHPPNVWRCBU IWXCOSOJMOAAGLEEXRIGEWIACGXEGTOYHKSWWMEEFITCWLYIVWMRTACSNSOJPDNLBANQTSMFUXKTXVKSPCOFW XEQIWPLELISIULHWWMGAORPCXZFVVTAOSXTGLRVTPRKMEGABTTRLFKHIPRVWPAVMFXZHGGFPOLAJEFUWHIBVRGS DHRLYILGDNWTWPTVQYSRUAJMTWVCISKGDGMYISIISIJVWKDCYHBTHZQWJQDATNRIBPWGGEGHPTRHICISIKKVDLKYS VTGHEKRWWDCGQOIWPVDPQDGMNTPGDLGZZRJBQQHLTATJWNLRWIQREKTCUMZXHVWGLEGUTKMIIEPKXEFITCLWIJ RJZGLFDPWFGOIULIFENTCZVEFYVQMNWTCTLVDPILVPGIECWLRVJLLVPNRDPHDXJFRJPANRYILZSJUMQPZLLOGHPWH LXWDORXHTGLAZZXHHBEMPTSZAFYMVCWFIGPKPLADEVDURAHPIDXMGMGPXCIAGPYGWRRGXVSECIWPASJRRIWSJI GHEVSKILCBRPLXVPRUVFXIPRAAHJYMNVVVPTYCRTHAIUKIGUWELIHHEISUMQTAFSFRWLVSTXHGIAHTGTXIFUSXHXBA EGHZJOFVNPNGIRIWPLGIWHHKNQEBJCMWCXKTEUMTTVZELRRGQMANABXYXZVHRCSRCBTCUEEZRZPAGLEDAOIKKE QXUNPOCISIXRVPPVQXHTLZVKKXHBXRVESWPWWCHRBBNPKTSLRVNLHCPRHISXEASJYVJIYPYIDXECVWRBMPCNXRL PJVQDGSSSRXCDXSEGHWMJSUASDEQKLDIOBHHPSRMNVRKXUNXAXAESCVISIPRJLXTDSXWFXIBUETWTHSMCHVDWA IRWPGIZRHQDBNMLPCORGWPLTANPOCTLQGEKWWMNRIBPWWGEXKTNNVMWTYINVVOPCTLESXQEKBIGLPLLELDFPVJ EBIPNXHTHLAFFXKXVTXOAPFKZRXQTDRVTWTWIKJALIPBYTDEPRDPEGBQGXICVTXZVADHLRZOITOXGSSATZGLEILZSX KLHBCFYAAAJWHVRWIPRMRHJYHSPWWDORXHTGTRLYIVBIYPPPSOSUBFHNWAHTWTZVUYEUSOEEZXCRWAUIENAVH EPCORWMIUHXREKXCR ``` ### Hint The text is guaranteed to be in modern English with regular letter frequencies. ## Analysis :mag: When I started this challenge, I went directly to the encrypted file and tried it with different cypher and with mono alphabetical substitution. I tried guessing, giving a possible word "PEACTF", but I stopped after reading 90 wrong results. :::warning That wasn't the right call. ::: Do you remember what the teacher always said before tests ? >No one : "" >Every single teacher : "Don't forget to read the entire statement !" After wasting my time, I finaly decided to read the statement and I found a lot of informations : * **frequent** in bold made me thought about frequency attacks. * **“le chiffre indéchiffrable.”** when you search this in google, you immediatly find Vigenere Cypher. * I toggled the hint, and got the information that the text was in English. :::success That's much better, isn't it ? ::: ## Solution :unlock: My favorite website resolving cyphers (dcode.fr) didn't work with english frequency analysis. So I made new searches and found this awesome website : * https://www.guballa.de/vigenere-solver I tried with our cyphered text (enc.txt), Chose classical Vigenere and English Language. Clicked on the button `Break Cypher` ![](https://i.imgur.com/Xuf163M.png) I got this result : ![](https://i.imgur.com/GADXfBN.png) The text was readable and we also gained the cypher key. As I wasn't shure if the flag was in the text, I read the text ... ```= MR JONES OF THE MANOR FARM HAD LOCKED THE HEN HOUSES FOR THE NIGHT BUT WAS TOO DRUNK TO REMEMBER TO SHUT THE POP HOLES WITH THE RING OF LIGHT FROM HIS LANTERN DANCING FROM SIDE TO SIDE HE LURCHED ACROSS THE YARD KICKED OFF HIS BOOTS AT THE BACKDOOR DREW HIMSELF A LAST GLASS OF BEER FROM THE BARREL IN THE SCULL ERYAND MADE HIS WAY UP TO BED WHERE MRS JONES WAS ALREADY SNORING AS SOON AS THE LIGHT IN THE BEDROOM WENT OUT THERE WAS A STIRRING AND A FLUTTERING ALL THROUGH THEFARMBUILDINGSWORDHADGONEROUNDDURINGTHEDAYTHATOLDMA JORTHEPRIZEMIDDLEWHITEBOARHADHADASTRANGEDREAMONTHEPREVIOUSNIGHTANDWISHEDTOCOMMUNICATE ITTOTHEOTHERANIMALSITHADBEENAGREEDTHATTHEYSHOULDALLMEETINTHEBIGBARNASSOONASMRJONESWASSAFELY OUTOFTHEWAYOLDMAJORSOHEWASALWAYSCALLEDTHOUGHTHENAMEUNDERWHICHHEHADBEENEXHIBITEDWASWILLI NGDONBEAUTYWASSOHIGHLYREGARDEDONTHEFARMTHATEVERYONEWASQUITEREADYTOLOSEANHOURSSLEEPINORDERT OHEARWHATHEHADTOSAYATONEENDOFTHEBIGBARNONASORTOFRAISEDPLATFORMMAJORWASALREADYENSCONCED ONHISBEDOFSTRAWUNDERALANTERNWHICHHUNGFROMABEAMHEWASTWELVEYEARSOLDANDHADLATELYGROWNRATHER STOUTBUTHEWASSTILLAMAJESTICLOOKINGPIGWITHAWISEANDBENEVOLENTAPPEARANCEINSPITEOFTHEFAC TTHATHISTUSHESHADNEVERBEENCUTBEFORELONGTHEOTHERANIMALSBEGANTOARRIVEANDMAKETHEMSELVESCOMFOR TABLEAFTERTHEIRDIFFERENTFASHIONSFIRSTCAMETHETHREEDOGSBLUEBELLJESSIEANDPINCHERANDTHENTHE PIGSWHOSETTLEDDOWNINTHESTRAWIMMEDIATELYINFRONTOFTHEPLATFORMTHEHENSPERCHEDTHEMSELVESONTH EWINDOWSILLSTHEPIGEONSFLUTTEREDUPTOTHERAFTERSTHESHEEPANDCOWSLAYDOWNBEHINDTHEPIGSANDBE GANTOCHEWTHECUDTHETWOCARTHORSESBOXERANDCLOVERCAMEINTOGETHERWALKINGVERYSLOWLYANDSETTINGD OWNTHEIRVASTHAIRYHOOFSWITHGREATCARELESTTHERESHOULDBESOMESMALLANIMALCONCEALEDINTHESTRAWCLO VERWASASTOUTMOTHERLYMAREAPPROACHINGMIDDLELIFEWHOHADNEVERQUITEGOTHERFIGUREBACKAFTERHERF OURTHFOALBOXERWASANENORMOUSBEASTNEARLYEIGHTEENHANDSHIGHANDASSTRONGASANYTWOORDINARYHORSESP UTTOGETHERAWHITESTRIPEDOWNHISNOSEGAVEHIMASOMEWHATSTUPIDAPPEARANCEANDINFACTHEWASNOTOFFI RSTRATEINTELLIGENCEBUTHEWASUNIVERSALLYRESPECTEDFORHISSTEADINESSOFCHARACTERANDTREMENDOUSPOW ERSOFWORKAFTERTHEHORSESCAMEMURIELTHEWHITEGOATANDBENJAMINTHEDONKEYBENJAMINWASTHEOLDESTA NIMALONTHEFARMANDTHEWORSTTEMPEREDHESELDOMTALKEDANDWHENHEDIDITWASUSUALLYTOMAKESOMECYNICA LREMARKFORINSTANCEHEWOULDSAYTHATGODHADGIVENHIMATAILTOKEEPTHEFLIESOFFBUTTHATHEWOULDSOON ERHAVEHADNOTAILANDNOFLIESALONEAMONGTHEANIMALSONTHEFARMHENEVERLAUGHEDIFASKEDWHYHEWOULDS AYTHATHESAWNOTHINGTOLAUGHATNEVERTHELESSWITHOUTOPENLYADMITTINGITHEWASDEVOTEDTOBOXERTHETWOOF THEMUSUALLYSPENTTHEIRSUNDAYSTOGETHERINTHESMALLPADDOCKBEYONDTHEORCHARDGRAZINGSIDEBYSID EANDNEVERSPEAKING ``` ... and stopped quickly because I saw that the flag wasn't there. I tried to use the key as the flag, and it worked. ### TL;DR The text was cyphered with **Vigenere Cypher**. I did a **frequency** attack using this website: https://www.guballa.de/vigenere-solver ### Flag :white_check_mark: The flag is **peaCTF{redpineapples}** ___ <a rel="license" href="http://creativecommons.org/licenses/by-nc-nd/4.0/"><img alt="Creative Commons License" style="border-width:0" src="https://i.creativecommons.org/l/by-nc-nd/4.0/88x31.png" /></a><br />This work is licensed under a <a rel="license" href="http://creativecommons.org/licenses/by-nc-nd/4.0/">Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License</a>.
Last changed by  
Maltemo
488

Read more

AperiCTF 2019 - [OSINT] Hey DJ (175 points)

Written by Maltemo, member of team SinHack

12/13/2023
SharkyCTF 2020 - [Web] Containment Forever (300pts)

SharkyCTF 2020 - [Web] Containment Forever (300pts) Written by Maltemo, member of team SinHack. [TOC] Statement of the challenge Description Hello, welcome on "Containment Forever"! There are 2 categories of posts, only the first is available, get access to the posts on the flag category to retrieve the flag. containment-forever.sharkyctf.xyz

5/11/2020
SharkyCTF 2020 - [Forensic] Romance Dawn (100pts)

SharkyCTF 2020 - [Forensic] Romance Dawn (100pts) Written by Maltemo, member of team SinHack. [TOC] Statement of the challenge Description Whoops. It seems Luffy played with my picture and I'm not able to open it anymore. Please help me. Creator: 2phi

5/11/2020
SharkyCTF 2020 - [Forensic] Pain In The Ass (200pts)

SharkyCTF 2020 - [Forensic] Pain In The Ass (200pts) Written by Maltemo, member of team SinHack. [TOC] Statement of the challenge Description It looks like someone dumped our database. Please help us know what has been leaked ... Creator: 2phi

5/11/2020
Read more from Maltemo
Published on HackMD