• Skip to primary navigation
  • Skip to content
  • Skip to primary sidebar
  • Skip to footer

War Room

Shells from above

RSM logo

  • Home
  • About
  • Blog
  • Talks/Whitepapers
  • Tools
  • Recreation
Home > Events > Capture The Flag > CTF Example – Cryptography

CTF Example – Cryptography

January 16, 2017 By patchwork

Our Cryptography challenges have historically been paper-and-pencil options, requiring less raw, technical skill to complete. The category is meant to be a more approachable option for participants who favor puzzles instead of hacking or coding. The example I’ll walk you through in this post is no exception.

The 300 point challenge from our 2016 CTF event required the application of a fence cipher and ROT-13, two well known and documented ciphers. ROT-13 is a straightforward substitution cipher in which letters in a message are replaced with the letter thirteen letters after it in the English alphabet. In a fence cipher, as described on Wikipedia:

…the plaintext is written downwards and diagonally on successive “rails” of an imaginary fence, then moving up when we reach the bottom rail. When we reach the top rail, the message is written downwards again until the whole plaintext is written out.

Let’s take a look at the challenge itself.

On the Fence

Participants were presented with the following description for the 300 point Cryptography challenge (“On the Fence”):

VAGRRVBRJRPUZVEGGNUFN
JANRUIEOFYXABRIENXLBNPGRXLFLRYNXBEVGRVZPHR
NORLGRARFGGURZNFGAZLF

Technically, either cipher could be applied first. However, our intent was for participants to take the title of the challenge as a hint and begin with the rail-fence. A Google search of “fence crypto” looks like this:

Figure 1: Google Results for "fence crypto"
Figure 1: Google Results for “fence crypto”

Based on the Google results, the next step would be to put the provided text in a format suitable for deciphering:

002
Figure 2: Text Arranged into the Rail Cipher Style

Re-blocking the text with the fence now deciphered, we get the following string:

vjnaanorgurirelorfgyvxrabbarrirejnfxrlgbpngpugurzxrlvfzlernygnfxgbgenvagurzvfzlpnhfr

There are no direct hints that ROT-13 needs to be applied to the resulting text block. However, the text does not bare any recognizable signatures of known hash or encoding schemes. And so, applying random algorithms to the string will eventually lead one to use ROT-13. Doing so yields yet another block of text:

iwannabetheverybestlikenooneeverwaskeytocatchthemkeyismyrealtasktotrainthemismycause

Parsed out by English words, we get (capitalization for effect):

I wanna be the very best like no one ever was KEY to catch them KEY is my real task to train them is my cause

The answer is now fairly clear, “to catch them”; the two KEYs stand out within the well known lyrics to the Pokemon theme song.

 

Possibilities

The cryptography challenges used in previous RSM capture the flag events have covered a wide range of crypto puzzles and ciphers including foreign languages, staff ciphers, and book ciphers using web pages. Anyone looking to participate in RSM’s 2017 CTF should familiarize themselves with these concepts and more!

Post Views: 1,357
Share this...
Email this to someone
email
Share on Facebook
Facebook
Tweet about this on Twitter
Twitter
Share on LinkedIn
Linkedin
Share on Reddit
Reddit

patchwork

Former military intelligence. Physical security and network penetration testing.

Primary Sidebar

King Phisher Release

Categories

  • Defense
  • Forensics
  • Offense
  • Physical
  • R&D

Most Viewed Posts

  • Sophos UTM Home Edition – 3 – The Setup 10,683 views
  • DLL Injection Part 1: SetWindowsHookEx 10,383 views
  • Leveraging MS16-032 with PowerShell Empire 9,875 views
  • Bypassing Gmail’s Malicious Macro Signatures 9,758 views
  • How to Bypass SEP with Admin Access 8,321 views

Footer

  • RSS
  • Twitter
  • Tools
  • About
  • RSM US LLP

+1 800 903 6264

1 S Wacker Dr Suite 800
Chicago, IL 60606

Copyright © 2019 RSM US LLP. All rights reserved. RSM US LLP is a limited liability partnership and the U.S. member firm of RSM International, a global network of independent audit, tax and consulting firms. The member firms of RSM International collaborate to provide services to global clients, but are separate and distinct legal entities that cannot obligate each other. Each member firm is responsible only for its own acts and omissions, and not those of any other party. Visit for more information regarding RSM US LLP and RSM International.