HTS Cryptography Challenge 1

This is the place for ALL of the user submitted challenges. If you create a little challenge/mission/riddle/whatever, post it here.
Forum rules
Do not post missions that you did NOT create without proper citing.

HTS Cryptography Challenge 1

Post by DavidB on Sat Apr 13, 2013 2:36 pm
([msg=75095]see HTS Cryptography Challenge 1[/msg])

Hey HTS, I'm David, and I want to ask a favor of everyone. I've been worried about getting fired form Ellington Mineral Company for a while, so I decided to have a look around my boss's computer. I found this encryption program and encrypted file named "DavidB.enc" in a folder called "EmailBackups". I looked at the program a bit, but I've hit a brick wall. I can't figure out how to break the encryption. Here's what I've found:

It's a custom made encryption program that doesn't exist anywhere else on the internet.
He left the source code right next to the program.
The key looks like it's 4 bytes long. Maybe brute force attack might work?
There's a test program that comes with it, but I'm not entirely sure what it does.

I attached the encryption and decryption source codes as well as the encrypted file. I've also attached the test program, might come in handy.

Thanks so much,

DavidB.

http://randomsite.net78.net/testing/upload/Fenc.java
http://randomsite.net78.net/testing/upload/Fdec.java
http://randomsite.net78.net/testing/upload/DavidB.enc
http://randomsite.net78.net/testing/upl ... ptorA.java



made by WallShadow and Evilp4wn
<3
DavidB
New User
New User
 
Posts: 1
Joined: Sat Apr 13, 2013 1:59 pm
Blog: View Blog (0)


Re: HTS Cryptography Challenge 1

Post by WallShadow on Sat Apr 13, 2013 2:53 pm
([msg=75096]see Re: HTS Cryptography Challenge 1[/msg])

For those who don't like java, here's the algorithm's psudo-code;

Code: Select all
byte[] function pad ( byte[] text )
   
   set size = length of text
   
   if (length of text % 4) == 0 then // if length of text divided by 4 has remainder of 0
      set size to length of text + 4 // 4 byte pad if it's already divisible by 4
   else
      set size to (length of text % 4) * 4 + 4 // set the new size to the length of text rounded up to the next multiple of 4
   
   set newtext = new byte[size]  // create a new byte array with the new size
   
   set i = 0
   
   for (i = 0; i < length of text; i++)
      set newtext[i] = text[i] // copy the contents of text to newtext
   
   set i = length of text
   set newtext[i] = 0x80 // set the first pad byte to 1000 0000 (binary)
   
   increment i
   
   for (; i < length of newtext; i++)
      set newtext[i] = 0  // set the rest of pad bytes to 0000 0000 (binary)
   
   return newtext





byte [] function unpad ( byte[] text )
   
   set size = length of text - 1
   
   while ( text[size] == 0x00 )
      decrement size // while size points to a null pad byte, decrease size by 1
   
   // size should now point to the last pad byte of 0x80
   decrement size // now we point to the last byte of the message
   
   set newtext = new byte[size + 1]  // create a new byte array with a length the size of the message
   
   for (i = 0; i < length of newtext; i++)
      set newtext[i] = text[i] // copy everything from text to new text in the message size
       
        return newtext





// takes the byte array text and encrypts the 4 bytes at offset with the 4 byte key
byte [] function blockciper ( byte[] text, int offset, byte[] key )
   
   set store = text[offset]
   
   // rotate the block backwards 1 byte
   set text[offset] = text[offset + 1]
   set text[offset + 1] = text[offset + 2]
   set text[offset + 2] = text[offset + 3]
   set text[offset + 3] = store
   
   // XOR the whole block with the key
   set text[offset] = text[offset] XOR key[0]
   set text[offset + 1] = text[offset + 1] XOR key[1]
   set text[offset + 2] = text[offset + 2] XOR key[2]
   set text[offset + 3] = text[offset + 3] XOR key[3]
   
   return text // needed only if text is a copy of the real text buffer
   // unneeded if text is a pointer to a byte array like in java or C/C++





// takes the byte array text and decrypts the 4 bytes at offset with the 4 byte key
byte [] function unblockciper ( byte[] text, int offset, byte[] key )
   
   // un-XOR the whole block with the key
   set text[offset] = text[offset] XOR key[0]
   set text[offset + 1] = text[offset + 1] XOR key[1]
   set text[offset + 2] = text[offset + 2] XOR key[2]
   set text[offset + 3] = text[offset + 3] XOR key[3]
   
   
   set store = buffer[offset + 3]
   
   // rotate the whole block forwards 1 byte
   set buffer[offset + 3] = buffer[offset + 2]
   set buffer[offset + 2] = buffer[offset + 1]
   set buffer[offset + 1] = buffer[offset]
   set buffer[offset] = store
   
   
   return text // needed only if text is a copy of the real text buffer
   // unneeded if text is a pointer to a byte array like in java or C/C++





// takes a byte array as the text and a 4 byte key to encrypt the text
byte[] function encrypt (byte[] text, byte[] key)
   
   set newtext = pad(text); // pad the text
   
   // perform the block cipher 6 times on each 4 byte block in the text array
   for (i = 0; i < length of newtext; i = i + 4)
      for (a = 0; a < 6; a++)
         set newtext = blockcipher(newtext, i, key)
   
   return newtext // needed even in java and C/C++





// takes a byte array as the text and a 4 byte key to decrypt the text
byte[] function decrypt (byte[] text, byte[] key)
   
   // perform the block cipher 6 times on each 4 byte block in the text array
   for (i = 0; i < length of newtext; i = i + 4)
      for (a = 0; a < 6; a++)
         set text = unblockcipher(text, i, key)
   
   
   
   set newtext = unpad(text) // de-pad the text
   
   
   
   return newtext // needed even in java and C/C++






example encryption for ports:

these examples all use "hello world\n" (ASCII, no \r) as the starting file

encryption with key 00000000
Code: Select all
llhewoo d


encryption with key 11223344
Code: Select all
9[t:\1_A}wU�

(linux terminal tries to convert some stuff to unicode, if you have something similar to this, it's probably correct)

encryption with key 40032001
Code: Select all
M-+FV.,EK1O!A�#


encryption with key AA1122BB
Code: Select all
�}�V�~��_�;3
(note: much of it is screwed up and some characters are invisible)


C code for this challenge will be availible upon the first complaint of the lack it here.

This is supposed to be a relatively easy cryptography algorithm to break. If you find this too easy for you, get creative with it, find as much as you can.

- WallShadow <3
Last edited by WallShadow on Sat Apr 13, 2013 7:51 pm, edited 1 time in total.
User avatar
WallShadow
Contributor
Contributor
 
Posts: 594
Joined: Tue Mar 06, 2012 9:37 pm
Blog: View Blog (0)


Re: HTS Cryptography Challenge 1

Post by fashizzlepop on Sat Apr 13, 2013 7:14 pm
([msg=75101]see Re: HTS Cryptography Challenge 1[/msg])

GIVE ME THE C!!!
The glass is neither half-full nor half-empty; it's merely twice as big as it needs to be.
User avatar
fashizzlepop
Developer
Developer
 
Posts: 2304
Joined: Sat May 24, 2008 1:20 pm
Blog: View Blog (0)


Re: HTS Cryptography Challenge 1

Post by WallShadow on Sun Apr 14, 2013 10:31 am
([msg=75111]see Re: HTS Cryptography Challenge 1[/msg])

fashizzlepop wrote:GIVE ME THE C!!!


Walls delivers: (though you could have been more friendly about it, and I was actually expecting cent to ask first)

This is only the test program right now, the file encryptor/decryptor will come later if i find a reliable multi-platform method (or someone helps me ;) )for reading/writing files.
Code: Select all

#include <stdio.h>
#include <stdlib.h>
#include <string.h>

struct buffer {

   char * array;
   unsigned int length;

};





struct buffer * newbuffer (unsigned int length) {

    struct buffer * newbuff = malloc(sizeof (struct buffer) );

   newbuff->array = malloc(length);
   newbuff->length = length;

   return newbuff;

}




struct buffer * pad(struct buffer * text)
{

   int size;

   if (text->length % 4 == 0)
   {
      size = text->length + 4;
   } else {
      size = (text->length / 4) * 4 + 4;
   }

   struct buffer * newtext = newbuffer(size);

   int i = 0;

   for (i = 0; i < text->length; i++)
      newtext->array[i] = text->array[i];

   newtext->array[i] = 0x80;



   for (i++; i < newtext->length; i++)
      newtext->array[i] = 0;

   return newtext;

}





struct buffer * unpad ( struct buffer * text )
{

   int size = text->length - 1;

   while ( text->array[size] == 0x00 )
      size--;

   struct buffer * newtext = newbuffer(size);

    int i;

   for (i = 0; i < text->length; i++)
      newtext->array[i] = text->array[i];

   return newtext;

}




void blockcipher ( char * text, int offset, char * key )
{

   char store = text[offset];

   text[offset] = text[offset + 1];
   text[offset + 1] = text[offset + 2];
   text[offset + 2] = text[offset + 3];
   text[offset + 3] = store;

   text[offset] = text[offset] ^ key[0];
   text[offset + 1] = text[offset + 1] ^ key[1];
   text[offset + 2] = text[offset + 2] ^ key[2];
   text[offset + 3] = text[offset + 3] ^ key[3];

}





void unblockcipher ( char * text, int offset, char * key )
{

   text[offset] = text[offset] ^ key[0];
   text[offset + 1] = text[offset + 1] ^ key[1];
   text[offset + 2] = text[offset + 2] ^ key[2];
   text[offset + 3] = text[offset + 3] ^ key[3];


   char store = text[offset + 3];

   text[offset + 3] = text[offset + 2];
   text[offset + 2] = text[offset + 1];
   text[offset + 1] = text[offset];
   text[offset] = store;

}





struct buffer * encrypt ( struct buffer * text, char * key)
{

   text = pad(text);

    int i, a;

   for (i = 0; i < text->length; i = i + 4)
      for (a = 0; a < 6; a++)
         blockcipher(text->array, i, key);

   return text;

}





struct buffer * decrypt ( struct buffer * text, char * key)
{

    int i, a;

    for (i = 0; i < text->length; i = i + 4)
        for (a = 0; a < 6; a++)
            unblockcipher(text->array, i, key);

    text = unpad(text);

    return text;
}
















int main ()
{

    char * s = "hello world!\n GET OUT THE DOOR!!!";

    struct buffer * b = newbuffer(strlen(s));
    strcpy(b->array, s);

    printf("%.*s\n%d\n", b->length, b->array, b->length);

    char key [4];
    key[0] = 0x12;
    key[1] = 0x54;
    key[2] = 0xAB;
    key[3] = 0xCD;

    struct buffer * b2 = encrypt(b, key);

    printf("%.*s\n%d\n", b2->length, b2->array, b2->length);
    struct buffer * b3 = decrypt(b2, key);

    printf("%.*s\n%d\n", b3->length, b3->array, b3->length);


    free(b->array);
    free(b);
    free(b2->array);
    free(b2);
    free(b3->array);
    free(b3);

   return 0;

}


<3
Last edited by WallShadow on Wed Apr 17, 2013 4:18 pm, edited 1 time in total.
User avatar
WallShadow
Contributor
Contributor
 
Posts: 594
Joined: Tue Mar 06, 2012 9:37 pm
Blog: View Blog (0)


Re: HTS Cryptography Challenge 1

Post by Sc00bz on Wed Apr 17, 2013 6:33 am
([msg=75180]see Re: HTS Cryptography Challenge 1[/msg])

Just found out my ISP blocks randomsite.net78.net for those that want DavidB.enc here's a hex dump of it:
Code: Select all
xxd -g 4 DavidB.enc
0000000: 92e9277d c4e93b73 c4a5397b dcac1666  ..'}..;s..9{...f
0000010: daa67954 889b1e28 c0a81a71 88990176  ..yT...(...q...v
0000020: daaa1a77 fbbc1618 cdaa1178 888d0728  ...w.......x...(
0000030: c1ad1264 daa65350 daa01777 a2c31079  ...d..SP...w...y
0000040: c0a83a32 88ab0577 c6e91677 dca01d7d  ..:2...w...w...}
0000050: c6ae107b c0a85366 eca80732 cce9057b  ...{..Sf...2...{
0000060: c7ad3160 c1aa1660 c0a81832 c6a60032  ..1`...`...2...2
0000070: caac0732 88a8167c c5bc0032 88a6107a  ...2...|...2...z
0000080: c9e91532 c4b91b77 c7e95366 dbe91b7b  ...2...w..Sf...{
0000090: c9a40777 dbe95373 88a11b77 88ab1261  ...w..Ss...w...a
00000a0: c6e91677 cea61177 84e90177 cce9127c  ...w...w...w...|
00000b0: 88a81a7c c1bd1776 c6e51a7d cde9537a  ...|...v...}..Sz
00000c0: dbe91b73 cda71177 c9a25366 cfe91a7c  ...s...w..Sf...|
00000d0: dae91573 88a4077d d1e9127c cba2007b  ...s...}...|...{
00000e0: c9b05376 8881003c 88b91a61 cea60177  ..Sv...<...a...w
00000f0: c9a7017f 88bb1077 c1ac1664 c1ba0432  .......w...d...2
0000100: c7a45371 cfe91a7c 84e90662 cce9127c  ..Sq...|...b...|
0000110: caac3a32 deac1f7b c0a85366 c0a00732  ..:2...{..Sf...2
0000120: d8a80032 dba10a32 c4ad1c67 cde95370  ...2...2...g..Sp
0000130: dce71067 c6b05353 cde91c7c dbac167e  ...g..SS...|...~
0000140: c9bf537a dca11632 cfa11c67 88a60761  ..Sz...2...g...a
0000150: dca11d32 97c31a61 a8c9f312           ...2...a....

Dude seriously use spell check:
preformance belive
performance believe
Sc00bz
New User
New User
 
Posts: 3
Joined: Mon Apr 15, 2013 10:23 pm
Blog: View Blog (0)


Re: HTS Cryptography Challenge 1

Post by WallShadow on Wed Apr 17, 2013 3:21 pm
([msg=75193]see Re: HTS Cryptography Challenge 1[/msg])

Sc00bz wrote:Just found out my ISP blocks randomsite.net78.net


srsly?

did they even post a reason for it? also, see if http://net78.net/ or http://www.000webhost.com/ are blocked 'cause randomsite isn't an attack site, I use it for all of my hosting. (and if i was hosting anything malicious, my host would have kicked me by now).

-- Wed Apr 17, 2013 3:23 pm --

Sc00bz wrote:Dude seriously use spell check:
preformance belive
performance believe


btw, i have no idea where you see that. ctrl-f doesn't come up with anything.
User avatar
WallShadow
Contributor
Contributor
 
Posts: 594
Joined: Tue Mar 06, 2012 9:37 pm
Blog: View Blog (0)


Re: HTS Cryptography Challenge 1

Post by 3vilp4wn on Wed Apr 17, 2013 6:50 pm
([msg=75196]see Re: HTS Cryptography Challenge 1[/msg])

WallShadow wrote:
Sc00bz wrote:Dude seriously use spell check:
preformance belive
performance believe


btw, i have no idea where you see that. ctrl-f doesn't come up with anything.

I think he means in the encrypted file. Oops, my fault, sorry :(
Do not mistake understanding for realization, and do not mistake realization for liberation
Evil Ninja Hackers
???
٩(͡๏̯͡๏)۶

1A4EAMboaXpgvUSmtRbVRqbfJrbyuGhyoo
User avatar
3vilp4wn
Poster
Poster
 
Posts: 144
Joined: Sun Feb 10, 2013 2:05 am
Location: The darkness.
Blog: View Blog (0)


Re: HTS Cryptography Challenge 1

Post by WallShadow on Thu Apr 18, 2013 1:26 am
([msg=75201]see Re: HTS Cryptography Challenge 1[/msg])

3vilp4wn wrote:I think he means in the encrypted file. Oops, my fault, sorry :(


Indeed. now slap yourself again for revealing that those were in the encryted file. PT attack is serious business. >:(
User avatar
WallShadow
Contributor
Contributor
 
Posts: 594
Joined: Tue Mar 06, 2012 9:37 pm
Blog: View Blog (0)


Re: HTS Cryptography Challenge 1

Post by sordidarchetype on Thu Apr 18, 2013 8:58 am
([msg=75204]see Re: HTS Cryptography Challenge 1[/msg])

To: Hal Jillette
From: Richard Pierce
Subject: David Broderick

I have been noticing that David Broderick has not been as much of a help to his team as he has been before, and in addition, he has been taking far to many sick days. His preformance review is coming up, and I belive that his pay should be cut. Anyone else have thoughts on this?


There are SO many collisions with this thing. It's crazy. (I got 16 in under a min)
User avatar
sordidarchetype
New User
New User
 
Posts: 47
Joined: Wed Dec 22, 2010 12:46 pm
Blog: View Blog (0)


Re: HTS Cryptography Challenge 1

Post by WallShadow on Thu Apr 18, 2013 3:17 pm
([msg=75209]see Re: HTS Cryptography Challenge 1[/msg])

sordidarchetype wrote:
There are SO many collisions with this thing. It's crazy. (I got 16 in under a min)


If you look in the algorithm, you'll see why, but besides that, good job. Care to explain your method?
User avatar
WallShadow
Contributor
Contributor
 
Posts: 594
Joined: Tue Mar 06, 2012 9:37 pm
Blog: View Blog (0)


Next

Return to User Submitted

Who is online

Users browsing this forum: No registered users and 0 guests