DEV Community

Kamalesh-Seervi
Kamalesh-Seervi

Posted on • Originally published at kamaleshseervi.Medium on

BabyEncryption Hack The Box

#cybersecurity #hackthebox #hacking #reverseengineering

HTB | Crypto Challenge

hackthebox

You are tasked with discovering the flag by deciphering the provided ciphertext. The challenge includes a Python script for decryption, but you need to modify the script before executing it. As a newcomer to Hack The Box (HTB), it’s uncertain whether this approach is standard or specific to this challenge. Let’s proceed without delay.

Unzipping the file

Password _ : hackthebox_

  • Upon extracting the archive, two additional files emerge: chall.py housing the Python script for deciphering the ciphertext, and msg.enc which stores the encrypted text. Now, let’s examine the contents of these files.


chall.py & msg.enc

  • Executing the script will result in the following error messages.


error script

After spending a few moments attempting to resolve the errors, I opted to abandon that approach and chose to modify the script instead.


Decode Script

def decrypt(msg):
    pt = []
    for char in msg:
        char= char-18
        char=179*char%256
        pt.append(char)
    return bytes(pt)

with open("msg.enc") as f:
    ct=bytes.fromhex(f.read())
print(decrypt(ct))
Enter fullscreen mode Exit fullscreen mode
  • The value 179 is used in the decryption script as part of the reverse operation to undo the multiplication and modulo operation performed during encryption. In the encryption script, there’s a line: 
ct.append((123 * char + 18) % 256)
Enter fullscreen mode Exit fullscreen mode

This means during encryption, each character (char) is multiplied by 123, then 18 is added, and finally, the result is taken modulo 256.

In the decryption script, the goal is to reverse this process. The line:

char = 179 * char % 256
Enter fullscreen mode Exit fullscreen mode

performs the reverse calculation. It uses 179 as the modular multiplicative inverse of 123 modulo 256. In modular arithmetic, the modular multiplicative inverse of a number a modulo m is a number b such that (a * b) % m == 1. In this case, 179 is chosen because (123 * 179) % 256 == 1, allowing the decryption process to reverse the effect of the original multiplication and modulo operation.

Let’s execute it …


Flag

The task was not too challenging, and we successfully obtained the flag:

HTB{l00k_47_y0u_r3v3rs1ng_3qu4710n5_c0ngr475}

Top comments (0)

Read next

yowise profile image

CVE-2022-26923 | TryHackMe

a.infosecflavour -

vdelitz profile image

Google Solves Passkeys' Cross-Platform Issue: Syncing Across Windows, macOS & Android

vdelitz -

lulu_liu_c90f973e2f954d7f profile image

My Experience with SafeLine: A Powerful and Free Web Application Firewall

Lulu -

vdelitz profile image

How to Integrate Passkeys in Python (FastAPI)

vdelitz -