DEV Community

Kamalesh-Seervi
Kamalesh-Seervi

Posted on • Originally published at kamaleshseervi.Medium on

BabyEncryption Hack The Box

#cybersecurity #hackthebox #hacking #reverseengineering

HTB | Crypto Challenge

hackthebox

You are tasked with discovering the flag by deciphering the provided ciphertext. The challenge includes a Python script for decryption, but you need to modify the script before executing it. As a newcomer to Hack The Box (HTB), it’s uncertain whether this approach is standard or specific to this challenge. Let’s proceed without delay.

Unzipping the file

Password _ : hackthebox_

  • Upon extracting the archive, two additional files emerge: chall.py housing the Python script for deciphering the ciphertext, and msg.enc which stores the encrypted text. Now, let’s examine the contents of these files.


chall.py & msg.enc

  • Executing the script will result in the following error messages.


error script

After spending a few moments attempting to resolve the errors, I opted to abandon that approach and chose to modify the script instead.


Decode Script

def decrypt(msg):
    pt = []
    for char in msg:
        char= char-18
        char=179*char%256
        pt.append(char)
    return bytes(pt)

with open("msg.enc") as f:
    ct=bytes.fromhex(f.read())
print(decrypt(ct))
Enter fullscreen mode Exit fullscreen mode
  • The value 179 is used in the decryption script as part of the reverse operation to undo the multiplication and modulo operation performed during encryption. In the encryption script, there’s a line: 
ct.append((123 * char + 18) % 256)
Enter fullscreen mode Exit fullscreen mode

This means during encryption, each character (char) is multiplied by 123, then 18 is added, and finally, the result is taken modulo 256.

In the decryption script, the goal is to reverse this process. The line:

char = 179 * char % 256
Enter fullscreen mode Exit fullscreen mode

performs the reverse calculation. It uses 179 as the modular multiplicative inverse of 123 modulo 256. In modular arithmetic, the modular multiplicative inverse of a number a modulo m is a number b such that (a * b) % m == 1. In this case, 179 is chosen because (123 * 179) % 256 == 1, allowing the decryption process to reverse the effect of the original multiplication and modulo operation.

Let’s execute it …


Flag

The task was not too challenging, and we successfully obtained the flag:

HTB{l00k_47_y0u_r3v3rs1ng_3qu4710n5_c0ngr475}

Top comments (0)

Read next

sotergreco profile image

Operating System Wars, what is the best operating system for programming. ⚔️

Sotiris Kourouklis -

veryfatboy profile image

Quick tip: Write numpy arrays directly to the SingleStore VECTOR data type

Akmal Chaudhri -

veryfatboy profile image

Quick tip: Using R, Rayshader and SingleStore Notebooks

Akmal Chaudhri -

thetombomb profile image

Cloudflare Pages and Next.js: I'm Not Recommending It

Thomas Desmond -