We had the following encrypted text:
vn, r vus qlwqhhdsqh vunqhvwdj kftdmx af xwiqo isxcdldnb. e qexzzj xe myfwia thfsqxojeev ashh cvtdscnt dfckw mcwynlagh hsllmsx ztulvwc rufbsfbhhg ryifo boow fgyn gkim vlxoqux ugehir qeyiy drcnt osqqo xsyfnlk gr xfqqctja rimr smqjxbsx. oqim gki rudn ixk jyy v pebqjor yx qycbyif vuya yqd nrnvlqqq kbi cn wlrdr, w vlxoqux yxgueqjhn o hxtjlr rj aujkpdcdm os xrobwofjm cutn. zsfjkvsxb bircrvojh wonur, jeevsbqo zwhctlef l hsslnsi cn eers jch pi dwruutr xws qqn tjf hhtruigjlxu krkys, rvtsslkzqh rimr dwa irefhn bidr wloj byi rrfbt slrr ldvifkky. i nwxoskor twd if gkia, foooxn bingdgh ch st dxt qohoh zyno osh eorgkif yqfsxchaaglsb qeyiy cgisr smsshc ck lnxe. ; ghwh fuyuwjl #1 - vuvoh #35 teu cqnyzx ; hgwt://gsldsjt.moiggyvqfu.qtv ; rimr lrqbxnsx #rmwlhgi wdf/chiuhv.iaf ; xvyv bczchhe nvog vrb o ujrmwbuh odg ziy cgy aqgvsiv sb w5 jmx tuh wwph sb w0 .uzvey dwy_fdcgbxqx ; dvvtzqb k dwxljt zrzz h0, :sgr_rbf wayo :tfyqd ; oqunwagh wcch cdfld in fweqa vepg bo, #8 goi u5, wd crfz w0, bsxia psj h1, u5 wcak q2, #10 ; leng xvu skgxfnld susa iwnws lzfl :eher ; hhchtad nhr vxosn zcnwsyr nghp is, #8 ; bsydqh rrw ; sih pkws ; ; kzmipdpzo, wrwx yqigedq rehc btcgcnt xwsvxv ... wy rr dufw e gqpzzj 😉 .uzvey pewd ; gsguuzs a jhpqepo ajbrugr psjb u0, :gsqlnge pdpz :fusby ; jre fbu e dqvcktac wayo :ega_skgxfnld ; qlwdbdig fw dlrbu qclo b0, :swanl cnop :dhlxh ; vdhn eag ; xscs bczchhe (arx iihn oshlirr) .oepuo dsry_qiuglrs crfz w0, :okug_slps sdvz :irrj_fvoi_qeqdssc dhd .ydfsb zozhxly .do "zizsrws tw rwighiy' ifsdfm rychui gxhvz !",0c0j,0 .kubro tkt_pcu .ik "ofenvi sdwof dxtl pnvwdxukgj: ",0 .uzvey hvfeu .np "sxoy. ig lw bew dvj pnid cdwgmrbr",0c0j,0 .kubro lwdw .np "xlhnern.riywnimjbe.cbp:4000",0 .porhv tqjf_ziyh .hp "uvyoxxdf.tkw",0
It could be a Caesar cipher; however, there is something that looks like a URL (hgwt://gsldsjt.moiggyvqfu.qtv), and its second and third letters, which should both correspond to the “t” of “http”, are different in the ciphertext. A monoalphabetic shift cannot do that, so this text is more likely enciphered with a Vigenère cipher.
According to this text, Vigenère can be broken via a known-plaintext attack. So I used the string that looks like a URL:
The first 4 letters are probably “http”, the last 3 letters are probably “com”, and I’ll assume that the substring “moiggyvqfu”, the domain name in the URL, is “nuitduhack”, the same domain used to host the Nuit Du Hack prequals. So my plaintext will be “nuitduhackcom”.
According to the link provided above, “Known plaintext is almost as trivial – subtract plaintext from encrypted text (mod 26) to produce key.” So I wrote this quick Python script to perform the known-plaintext attack:
def decrypt_char(plain, encrypted):
    # key letter = (ciphertext letter - plaintext letter) mod 26
    return chr((ord(encrypted) - ord(plain)) % 26 + ord('a'))

encrypted = 'moiggyvqfuqtv'
plain = 'nuitduhackcom'
s = ''
for i in range(len(encrypted)):
    dc = decrypt_char(plain[i], encrypted[i])
    print('Decrypting p: %s, enc: %s = %s' % (plain[i], encrypted[i], dc))
    s += dc
print(s)
That script prints the string that is supposed to be the key: zuandeoqdkofj. So I used this online Vigenère decoder, providing the ciphertext and the key, but the deciphered text looks wrong:
wt, r iro cvtgtcutwh irjcrsmpe bgzdzu wr htycj ztdcqizzl. b gqsqap xr jurgfq fcwtwxbgaqf xitc twzdfzjf ncswr ddcyaiwsr eixgdtd zgrhhgz hgastlbuec difva wfpc ftvj sufc hgopwuk rcqrfh czpje dezjf ypgcj otefaig sb uvcltupa efid cjgvsstd.
Since the key used by the Vigenère scheme is repeated along the whole plaintext, maybe my key just needs to be rotated: the key recovered from the crib starts at the crib’s position in the key period, not at the beginning of the text. So I removed the first character of the ciphertext, but the result was still wrong. I did the same two more times, and then I obtained correct plaintext! That means I need to rotate my supposed key 3 chars to the right, that is, zuandeoqdkofj => ofjzuandeoqdk, and that’s the correct key to decrypt the message. So we obtain the following plaintext:
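The rotation found above by trial can also be computed directly: the key recovered from a crib is aligned to the crib’s position in the text, so the number of letters that precede the crib, taken modulo the key length, is the rotation. The following Python script is an added example, not the author’s script or the online decoder; it reuses the ciphertext quoted above (cut after the URL), the crib http://sciteek.nuitduhack.com, and the assumed key length of 13. It treats non-letters as pass-through characters that do not advance the key, which is an assumption about the decoder’s behaviour that the recovered plaintext confirms. It also checks a crib longer than one key period for consistency, which the write-up did not need.

```python
# Known-plaintext attack on a Vigenère cipher with automatic key alignment.
# Added example for this write-up, not the author's code. The ciphertext is
# the challenge text quoted above, cut after the URL used as the crib.
# Assumption: non-letters pass through the cipher and do not advance the key.

CIPHERTEXT = (
    "vn, r vus qlwqhhdsqh vunqhvwdj kftdmx af xwiqo isxcdldnb. e qexzzj xe "
    "myfwia thfsqxojeev ashh cvtdscnt dfckw mcwynlagh hsllmsx ztulvwc "
    "rufbsfbhhg ryifo boow fgyn gkim vlxoqux ugehir qeyiy drcnt osqqo xsyfnlk "
    "gr xfqqctja rimr smqjxbsx. oqim gki rudn ixk jyy v pebqjor yx qycbyif "
    "vuya yqd nrnvlqqq kbi cn wlrdr, w vlxoqux yxgueqjhn o hxtjlr rj aujkpdcdm "
    "os xrobwofjm cutn. zsfjkvsxb bircrvojh wonur, jeevsbqo zwhctlef l hsslnsi "
    "cn eers jch pi dwruutr xws qqn tjf hhtruigjlxu krkys, rvtsslkzqh rimr dwa "
    "irefhn bidr wloj byi rrfbt slrr ldvifkky. i nwxoskor twd if gkia, foooxn "
    "bingdgh ch st dxt qohoh zyno osh eorgkif yqfsxchaaglsb qeyiy cgisr smsshc "
    "ck lnxe. ; ghwh fuyuwjl #1 - vuvoh #35 teu cqnyzx ; "
    "hgwt://gsldsjt.moiggyvqfu.qtv"
)

# The crib exactly as it appears in the ciphertext, with its guessed plaintext
# (the write-up's assumption: the URL is http://sciteek.nuitduhack.com).
CRIB_CT = "moiggyvqfu.qtv"
CRIB_PT = "nuitduhack.com"
KEY_LEN = 13  # the write-up takes the crib's letter count as the key period


def only_letters(text):
    return [c for c in text if c.isalpha()]


def key_fragment(crib_ct, crib_pt):
    """Subtract plaintext from ciphertext (mod 26), letter by letter.
    The result is the key as seen from the crib's position in the message,
    not from the start of the message."""
    ct, pt = only_letters(crib_ct), only_letters(crib_pt)
    if len(ct) != len(pt):
        raise ValueError("crib and ciphertext must have the same letter count")
    return "".join(chr((ord(c) - ord(p)) % 26 + ord("a")) for c, p in zip(ct, pt))


def recover_key(ciphertext, crib_ct, crib_pt, key_len):
    """Align the fragment to the start of the message: fragment[i] is
    key[(offset + i) % key_len], where offset is the number of letters
    that precede the crib in the ciphertext."""
    fragment = key_fragment(crib_ct, crib_pt)
    if len(fragment) < key_len:
        raise ValueError("crib is shorter than one key period")
    # A crib longer than the period must repeat the key consistently;
    # if it does not, the guessed key length is wrong.
    for i in range(len(fragment) - key_len):
        if fragment[i] != fragment[i + key_len]:
            raise ValueError("crib is inconsistent with key length %d" % key_len)
    pos = ciphertext.index(crib_ct)  # ValueError if the crib is not present
    offset = len(only_letters(ciphertext[:pos])) % key_len
    key = [""] * key_len
    for i in range(key_len):
        key[(offset + i) % key_len] = fragment[i]
    return "".join(key)


def vigenere_decrypt(ciphertext, key):
    """Standard Vigenère decryption; the key advances only on letters."""
    out, j = [], 0
    for c in ciphertext:
        if c.isalpha():
            shift = ord(key[j % len(key)]) - ord("a")
            out.append(chr((ord(c.lower()) - ord("a") - shift) % 26 + ord("a")))
            j += 1
        else:
            out.append(c)
    return "".join(out)


if __name__ == "__main__":
    print("key as seen from the crib:", key_fragment(CRIB_CT, CRIB_PT))
    key = recover_key(CIPHERTEXT, CRIB_CT, CRIB_PT, KEY_LEN)
    print("key aligned to the message:", key)
    print(vigenere_decrypt(CIPHERTEXT, key))
```

Running it prints the fragment zuandeoqdkofj, the aligned key ofjzuandeoqdk, and the plaintext beginning “hi, i was discretely wandering …”, with no trial rotations needed. The consistency check in recover_key is what a practitioner would use to validate a guessed period when a longer crib is available.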
hi, i was discretely wandering around as usual yesterday. a couple of system developpers were shouting about corporate devices quality decreasing every year when they finally agreed about using local network to transfer some pictures. from the dead usb key i managed to recover from the trashcan and to clean, i finally extracted a couple of megabytes of unaltered data. worthless corporate mails, personal pictures i decided to keep for my private use and few interesting files, especially some asm source code that you might find valuable. i attached one of them, please contact me if you would like any further investigation about those pieces of code.

; test program #1 - build #35 for scipad
; http://sciteek.nuitduhack.com

; some includes
#include inc/stdlib.inc

; this routine asks for a password and put the address in r5 and the size in r0
.label ask_password
; display a prompt
movl r0, :pwd_msg
call :print
; allocate some space on stack
subb sp, #8
mov r5, sp
movl r0, stdin
mov r1, r5
movb r2, #10
; read the password from stdin
call :read
; restore the stack pointer
addb sp, #8
; return
ret

; our main
;
; basically, this program does nothing useful ... it is just a sample 😉
.label main
; display a welcome message
movl r0, :welcome
call :print
; ask for a password
call :ask_password
; displays an error
movl r0, :error
call :print
; quit
end

; temp routine (not used anymore)
.label temp_routine
movl r0, :flag_file
call :disp_file_content
end

.label welcome
.db "welcome on sciteek' scipad secure shell !",0x0a,0
.label pwd_msg
.db "please enter your passphrase: ",0
.label error
.db "nope. it is not the good password",0x0a,0
.label hint
.db "sciteek.nuitduhack.com:4000",0
.label flag_file
.db "esoasoel.txt",0
After sending that deciphered text to Jennifer, I received my first 100 points of the Nuit Du Hack 2012 Prequals.