- Ciphertext - The result of encrypting a plaintext, encrypted data
- Cipher - A method of encrypting or decrypting data. Modern ciphers are cryptographic, but there are many non cryptographic ciphers like Caesar.
- Plaintext - Data before encryption, often text but not always. Could be a photograph or other file
- Encryption - Transforming data into ciphertext, using a cipher.
- Encoding - NOT a form of encryption, just a form of data representation like base64. Immediately reversible.
- Key - Some information that is needed to correctly decrypt the ciphertext and obtain the plaintext.
- Passphrase - Separate to the key, a passphrase is similar to a password and used to protect a key.
- Asymmetric encryption - Uses different keys to encrypt and decrypt.
- Symmetric encryption - Uses the same key to encrypt and decrypt
- Brute force - Attacking cryptography by trying every different password or every different key
- Cryptanalysis - Attacking cryptography by finding a weakness in the underlying maths
Alice and Bob - Used to represent 2 people who generally want to communicate. They’re named Alice and Bob because this gives them the initials A and B. https://en.wikipedia.org/wiki/Alice_and_Bob for more information, as these extend through the alphabet to represent many different people involved in communication.
There are some excellent tools for defeating RSA challenges in CTFs, and my personal favorite is https://github.com/Ganapati/RsaCtfTool which has worked very well for me. I’ve also had some success with https://github.com/ius/rsatool.
The key variables that you need to know about for RSA in CTFs are p, q, m, n, e, d, and c. “p” and “q” are large prime numbers, “n” is the product of p and q. The public key is n and e, the private key is n and d. “m” is used to represent the message (in plaintext) and “c” represents the ciphertext (encrypted text).
Opening GPG encrypted files
1
2
3
4
5
unzip gpg.zip
sudo gpg --import tryhackme.key
sudo gpg message.gpg
ls
cat message
Installing exiftool
1
sudo apt install libimage-exiftool-perl -y
Installing steghide
1
sudo apt-get install steghide -y
1
2
exiftool Findme.jpg
steghide extract -sf
Examples
1
VEhNe2p1NTdfZDNjMGQzXzdoM19iNDUzfQ==
Solution
1
2
Base 64
THM{ju57_d3c0d3_7h3_b453}
Remember that on cyber chef https://gchq.github.io/CyberChef/#input=Cgo you can render hex images
- xxd –plain myimage.png > myhexdump.txt
- Go to cyber chef
- From hex + Render image
Brain fuck language…
++++++++++[>+>+++>+++++++>++++++++++««-]»>++++++++++++++.————.+++++.>+++++++++++++++++++++++.«++++++++++++++++++.»——————-.———.++++++++++++++.++++++++++++.<++++++++++++++++++.+++++++++.<+++.+.>—-.>++++.
XOR calculator
https://toolslick.com/math/bitwise/xor-calculator
Binwalk
1
binwalk -e [image]
Stegsolve
1
2
wget http://www.caesum.com/handbook/Stegsolve.jar -O stegsolve.jar
chmod +x stegsolve.jar
Remember that the vigenere cipher uses a key, in case we got some part of the key
XOR file with loop
1
2
3
4
5
6
7
8
9
10
11
12
13
#!/usr/bin/env python
import pwn
with open('text.txt') as file:
cipher = file.read()
# Not necessary
cipher = cipher.decode('base64')
for i in range(256):
new_msg = pwn.xor(cipher,i)
print new_msg