EKOPARTY 2015 - XOR Crypter - Crypto 200

Reading time ~1 minute

Very quick challenge this one, solved in one line shell script. Here’s the clue:

The ZIP file contains a Python script called “shiftcrypt.py”. The meat is this part:

result = []
blocks = struct.unpack("I" * (len(data) / 4), data)

print repr(blocks)

for block in blocks:
    result += [block ^ block >> 16]

The first thing I thought here is, this is not right? We can just do the same operation and get back the original data yes?

Let’s try, we take the string they gave us to decrypt:

  • CjBPewYGc2gdD3RpMRNfdDcQX3UGGmhpBxZhYhFlfQA=

And we make it encrypt it again:

root@mankrik:~/ekoparty/crypto200# echo CjBPewYGc2gdD3RpMRNfdDcQX3UGGmhpBxZhYhFlfQA= | base64 -d > c; ./shiftcrypt.py "`cat c`" | tail -1 | base64 -d
EKO{unshifting_the_unshiftable}

There we go, our flag: EKO{unshifting_the_unshiftable}

Interviewing in Tech: Security Engineer & Security Analyst

Landing a job as a security engineer or analyst at a tech company is a significant feat. It requires not only technical acumen but also s...… Continue reading

BSides Sydney 2023 Writeups

Published on November 24, 2023

DUCTF 2023 Writeups

Published on August 31, 2023