Cryptography on Monish Kumar's Blog https://itsmonish.pages.dev/tags/cryptography/ Recent content in Cryptography on Monish Kumar's Blog Hugo -- gohugo.io en-us Sat, 26 Apr 2025 17:51:33 +0530 Cryptography - No need for brutus https://itsmonish.pages.dev/blog/huntress-ctf-2024/crypto-no-need-for-brutus/ Sat, 26 Apr 2025 17:51:33 +0530 https://itsmonish.pages.dev/blog/huntress-ctf-2024/crypto-no-need-for-brutus/ <h1 id="no-need-for-brutus">No need for Brutus </h1><h2 id="challenge-statement">Challenge Statement </h2><p>Author:@aenygma</p> <p>A simple message for you to decipher:</p> <p><code>squiqhyiiycfbudeduutvehrhkjki</code></p> <p>Submit the original plaintext hashed with MD5, wrapped between the usual flag format: <code>flag{}</code></p> <h2 id="solution">Solution </h2><p>The title includes Brutus who is known for betraying Julius Caesar. Caesar happen to be named after a cipher he created, The Caesar cipher, also known as ROT cipher.</p> <p>This suggests that the cipher provided might be a ROT cipher for which we don&rsquo;t know the key for.</p> <p>Using <a class="link" href="https://cyberchef.org/" target="_blank" rel="noopener" >Cyberchef</a> we can use the recipe ROT13 Brute Force to list all possible plaintext for the cipher.</p> <p><img src="https://itsmonish.pages.dev/images/huntressctf-2024/no-need-for-brutus/1.png" loading="lazy" alt="Cyberchef result" ></p> <p>We find a plain text with key value of 10. Since the challenge requires us to use the MD5Sum of this plaintext we can calculate it using:</p> <div class="highlight"><pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;-webkit-text-size-adjust:none;"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>echo -n <span style="color:#e6db74">&#34;caesarissimplenoneedforbrutus&#34;</span> | md5sum </span></span></code></pre></div><p>Covering the obtained hash with flag format yields the flag</p> Cryptography - Strive Marish Leadman TypeCDR https://itsmonish.pages.dev/blog/huntress-ctf-2024/crypto-strive-marish-leadman-typecdr/ Sat, 26 Apr 2025 17:51:33 +0530 https://itsmonish.pages.dev/blog/huntress-ctf-2024/crypto-strive-marish-leadman-typecdr/ <h1 id="strive-marish-leadman-typecdr">Strive Marish Leadman TypeCDR </h1><h2 id="challenge-statement">Challenge Statement </h2><p>Author:@aenygma</p> <p>Looks like primo hex garbage.</p> <p>Maybe something went wrong?</p> <p>Can you make sense of it?</p> <p><strong>Note</strong>: This challenge was accompanied with a per-user instance</p> <h2 id="solution">Solution </h2><p>On spinning up the per-user instance, I was given a command to use Netcat into the instance.</p> <p>On connecting it just print out the following data and exitted. <img src="https://itsmonish.pages.dev/images/huntressctf-2024/strive-marish-leadman-typecdr/1.png" loading="lazy" alt="data from nc" ></p> <p>Now if you have worked with cryptosystems you could have recognized what this is right away. But those who don&rsquo;t, this is variable for a RSA public cryptosystem.</p> <p>The given are everything that needed to encrypt and decrypt data.</p> <p>A quick run down of that is:</p> <ul> <li><code>p</code> and <code>q</code> are supposed to be very large prime numbers</li> <li><code>n = p * q</code></li> <li>Now a value called Euler&rsquo;s phi function for the value <code>n</code> is calculated as <code>phi(n) = (p-1)*(q-1)</code></li> <li>Now a random value <code>e</code> is selected such that <code>e &lt; phi(n)</code> and <code>e</code> and <code>phi(n)</code> are co-prime</li> <li>This <code>e</code> is the public key</li> <li>Now the corresponding private key is derived such that <code>d*e = 1 mod phi(n)</code></li> <li>With this one can encrypt message <code>m</code> to cipher <code>c</code> with public key as <code>c = (m^e) mod n</code></li> <li>This can be reversed or decrypted using private key as <code>m = (c^d) mod n</code></li> </ul> <p>Since we have all the variables and assuming the data in the bottom is ciphertext, this boils down to a simple decrytion.</p> <p>I used a tool called <a class="link" href="https://github.com/RsaCtfTool/RsaCtfTool" target="_blank" rel="noopener" >rsactftool</a> to get it done.</p> <p>By just plugging in the values of p, q, d, e and data to decrypt, the tool even decoded the output to UTF-8 making my job easier.</p> <p><img src="https://itsmonish.pages.dev/images/huntressctf-2024/strive-marish-leadman-typecdr/2.png" loading="lazy" alt="rsactftool output" ></p>