decrypto 1
[crypto]
Kerckhoffs's principle states that "A cryptosystem should be secure even if everything about the system, except the key, is public knowledge." So here's our unbreakable cipher.
- File flag.txt.enc
- File decrypto.py
Recon
Try the script (with "X" as the key):
# perl -e 'print "A"x200' > 200A
# python3 decrypto.py X 200A 200A_enc
# cat 200A_enc | xxd
00000000: 2352 7878 7878 7a3e 3134 3d36 3935 3d7a #Rxxxxz>14=695=z
00000010: 6278 7a6a 6868 197a 7452 7878 7878 7a30 bxzjhh.ztRxxxxz0
00000020: 392b 307a 6278 7a6f 683c 6b3a 3e60 3a68 9+0zbxzoh<k:>`:h
00000030: 3a61 3c60 6b39 6e69 6869 6a3e 6b6d 3e3a :a<`k9nihij>km>:
00000040: 3e6c 6e68 3b6c 6a68 6f68 6e6b 3e3d 6b69 >lnh;ljhohnk>=ki
00000050: 3a6c 3c6e 696f 606b 6168 3e3d 6b3a 6f6a :l<nio`kah>=k:oj
00000060: 693b 3b68 6b3e 6f7a 7452 7878 7878 7a28 i;;hk>oztRxxxxz(
00000070: 3439 3136 2c3d 202c 7a62 787a 1919 1919 4916,= ,zbxz....
00000080: 1919 1919 1919 1919 1919 1919 1919 1919 ................
00000090: 1919 1919 1919 1919 1919 1919 1919 1919 ................
000000a0: 1919 1919 1919 1919 1919 1919 1919 1919 ................
000000b0: 1919 1919 1919 1919 1919 1919 1919 1919 ................
000000c0: 1919 1919 1919 1919 1919 1919 1919 1919 ................
000000d0: 1919 1919 1919 1919 1919 1919 1919 1919 ................
000000e0: 1919 1919 1919 1919 1919 1919 1919 1919 ................
000000f0: 1919 1919 1919 1919 1919 1919 1919 1919 ................
00000100: 1919 1919 1919 1919 1919 1919 1919 1919 ................
00000110: 1919 1919 1919 1919 1919 1919 1919 1919 ................
00000120: 1919 1919 1919 1919 1919 1919 1919 1919 ................
00000130: 1919 1919 1919 1919 1919 1919 1919 1919 ................
00000140: 1919 1919 7a52 25 ....zR%
Get the hex string:
# cat 200A_enc | xxd -ps -c 999
XOR against "X" (\x58), output:
{
"filename": "200A",
"hash": "70d3bf8b0b9d83a61012f35fbf460c4207063fe31b4d6178390fe3b721cc03f7",
"plaintext": "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"
}
So the encrypted file is a JSON wrapper around the plaintext, which means the start of the plaintext of flag.txt.enc is now known:
{
    "filename": "flag.txt",
    "hash": "
Get the hex string of the encrypted file:
# cat flag.txt.enc | xxd -ps -c 999
153a54141d4c1601075c115a5c01514554105652510d53491a480016116614474e10565c5c1f5c45541056065b550c05565112550d5d000508094101085f07065d5543065e0951575a0143000c5f5201590440510f5952550c051601055f0c015b0740055e08025e5b044316116614474e105644510d5d091a550c401f5614452d64324f4d004e380a5f1a40621e040b026f0146620343093153064d4d185b1a4c3a09
XOR against the known plaintext part:
{
    "filename": "flag.txt",
    "hash": "
Plaintext part in hex:
7b 0a 20 20 20 20 22 66 69 6c 65 6e 61 6d 65 22 3a 20 22 66 6c 61 67 2e 74 78 74 22 2c 0a 20 20 20 20 22 68 61 73 68 22 3a 20 22
This leaks the crypto key, repeated over the length of the known plaintext:
n0t4=l4gn0t4=l4gn0t4=l4gn0t4=l4gn0t4=l4gn0t
So the XOR key is n0t4=l4g
XOR the file with this key:
{
    "filename": "flag.txt",
    "hash": "2f98b8afa014bf955533a3e72cee0417413ff744e25f2b5b5838f5741cd69547",
    "plaintext": "CTF{plz_dont_r0ll_ur_own_crypto}"
}
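The known-plaintext steps above as one script (an added example, not part of the original writeup and not the challenge's decrypto.py). It assumes the cipher is a plain repeating-key XOR, as the test run with "X" indicates; the function names are chosen here, and the ciphertext is the hex string shown above.

```python
from itertools import cycle

# flag.txt.enc as hex, copied from the `xxd -ps` output shown in this writeup.
CIPHERTEXT = bytes.fromhex(
    "153a54141d4c1601075c115a5c01514554105652510d53491a48001611661447"
    "4e10565c5c1f5c45541056065b550c05565112550d5d000508094101085f0706"
    "5d5543065e0951575a0143000c5f5201590440510f5952550c051601055f0c01"
    "5b0740055e08025e5b044316116614474e105644510d5d091a550c401f561445"
    "2d64324f4d004e380a5f1a40621e040b026f0146620343093153064d4d185b1a"
    "4c3a09"
)

# Fixed JSON header seen in the decrypted 200A test file, with this file's name.
KNOWN_PREFIX = b'{\n    "filename": "flag.txt",\n    "hash": "'


def xor(data: bytes, key: bytes) -> bytes:
    """Repeating-key XOR; the same call encrypts and decrypts."""
    return bytes(d ^ k for d, k in zip(data, cycle(key)))


def leak_keystream(ciphertext: bytes, known: bytes) -> bytes:
    """ciphertext XOR known plaintext = the key bytes used at those offsets."""
    return bytes(c ^ p for c, p in zip(ciphertext, known))


def shortest_period(stream: bytes) -> bytes:
    """Smallest prefix that reproduces the whole leaked stream when repeated."""
    for n in range(1, len(stream) + 1):
        if all(b == stream[i % n] for i, b in enumerate(stream)):
            if 2 * n > len(stream):
                # No full repetition observed: the key may be longer than the leak.
                raise ValueError("known plaintext too short to confirm key length")
            return stream[:n]
    raise ValueError("empty keystream")


def recover(ciphertext: bytes, known: bytes) -> tuple[bytes, bytes]:
    key = shortest_period(leak_keystream(ciphertext, known))
    return key, xor(ciphertext, key)


if __name__ == "__main__":
    key, plaintext = recover(CIPHERTEXT, KNOWN_PREFIX)
    print("key:", key.decode())
    print(plaintext.decode())
```

The 43 known bytes cover the 8-byte key more than five times, which is why the period check succeeds; a structured container with a predictable header gives away any repeating key shorter than that header.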
Flag
CTF{plz_dont_r0ll_ur_own_crypto}