CrikeyCon – Craptolocker 3

The 3rd step is to create a decryption program by reversing the encryption routines in the source code. I have attached one of the encrypted files for you to test your decryption.
The flag is contained in the decrypted file.

Here is the entire encryption program from PasteBin.

import string
import random
# written by dr0ppyb3@r_h@ck3r
# v0.3 - The release version will be much better
# Updated flag: flag{h1d3_0n_p@steb1n}

def xor_c(a):
    return bytearray([b^0xA8 for b in bytearray(a)])

alphabet = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ., 1234567890-!{}"
tmp_alphabet = list(alphabet)
random.shuffle(tmp_alphabet, lambda: 0.97444187175646646) # Shuffle the list into random order (but the same order every time)
shuffled_alphabet = ''.join(tmp_alphabet)

shuffleit = string.maketrans(alphabet,shuffled_alphabet)

handler = open("original_file",'rb')
handler2 = open("encrypted_file",'wb')
contents = handler.read()
handler2.write(xor_c(string.translate(contents,shuffleit)))

The main focus points are the XOR and the alphabet shuffle. Essentially, to encrypt a file, the program applies a substitution cipher and then an XOR. What makes this task simple is that the random number used for the shuffle is not random; it's hard-coded as 0.97444187175646646, so the shuffle is the same every time you encrypt a file.

To decrypt this we need to write a program which reverses the XOR first, then reverses the shuffling.

We can reuse much of the original code, and just reverse the order of execution.

import string
import random
import sys

def xor_c(a):
    # XOR with a single-byte key is its own inverse
    return bytearray([b^0xA8 for b in bytearray(a)])

alphabet = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ., 1234567890-!{}"
tmp_alphabet = list(alphabet)
random.shuffle(tmp_alphabet, lambda: 0.97444187175646646) # Shuffle the list into random order (but the same order every time)

# Map each shuffled character back to the original alphabet character
reverse_map = {key: value for (key, value) in zip(tmp_alphabet, alphabet)}

# Read the ciphertext as raw bytes
with open(sys.argv[1], 'rb') as file:
    encrypted = file.read()

reversed_xor = xor_c(encrypted)
print(reversed_xor)
# Characters outside the alphabet were never substituted, so pass them through unchanged
plaintext = ''.join(map(lambda x: reverse_map[chr(x)] if chr(x) in reverse_map else chr(x), reversed_xor))
print(plaintext)

Using this program on the encrypted file gives us our flag.

$ python crapto.py encrypted_file
Congrats-,Xou,found,itZ,flag!d2cr@pt92d_n9_b-tc9-n_3_y2ws{

Congrats! You found it. flag{d3cr@pt03d_n0_b!tc0!n_4_y3ws}
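
A Python 3 port of the same approach, added here as an example and not part of the original post or the PasteBin code: `random.shuffle` no longer accepts a custom random function (the argument was removed in Python 3.11), so the fixed-value shuffle is replayed by hand and the substitution is inverted with a second translation table. The names `fixed_shuffle`, `encrypt`, `decrypt` and the table constants are assumptions of this example.

```python
ALPHABET = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ., 1234567890-!{}"
FIXED_RANDOM = 0.97444187175646646  # hard-coded "random" value from the PasteBin source
XOR_KEY = 0xA8                      # single-byte key used by xor_c()


def fixed_shuffle(items, value=FIXED_RANDOM):
    """Replay the legacy random.shuffle(x, lambda: value) without the random module."""
    x = list(items)
    for i in reversed(range(1, len(x))):
        j = int(value * (i + 1))    # index the legacy shuffle would pick for position i
        x[i], x[j] = x[j], x[i]
    return x


SHUFFLED = "".join(fixed_shuffle(ALPHABET))
# bytes.maketrans builds the 256-entry tables that bytes.translate expects;
# bytes outside the alphabet map to themselves.
ENC_TABLE = bytes.maketrans(ALPHABET.encode(), SHUFFLED.encode())
DEC_TABLE = bytes.maketrans(SHUFFLED.encode(), ALPHABET.encode())


def xor_c(data):
    """Single-byte XOR; applying it twice returns the input."""
    return bytes(b ^ XOR_KEY for b in data)


def encrypt(plaintext):
    """Same order as the original program: substitute, then XOR."""
    return xor_c(plaintext.translate(ENC_TABLE))


def decrypt(ciphertext):
    """Reverse order: undo the XOR first, then undo the substitution."""
    return xor_c(ciphertext).translate(DEC_TABLE)


if __name__ == "__main__":
    import sys
    with open(sys.argv[1], "rb") as fh:
        sys.stdout.buffer.write(decrypt(fh.read()))
```

With this constant the shuffle only rotates the tail of the alphabet by one position, which is why most letters in the intermediate output above are already readable.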
