Thursday, September 24, 2015

Writeup - CSAW 2015 : Crypto 100 - Notesy


6-to-midnight
 
Initially we noticed that when you type characters into the field, the program returns seemingly random characters. The next step that we took was to enter a string of the same characters, and we found that the character returned by the program each time was the same. We then tried to translate the “give me like a note dude” string in the text field into its respective generated characters to begin to form a correlational alphabet. The alphabet string translation that we generated after going through each character and finding its corresponding encoded character is as follows:

a=u
b=n
c=h
d=m
e=a
f=q
g=w
h=z
i=i
j=d        
k=y
l=p
m=r
n=c
o=j
p=k
q=b
r=g
s=v
t=s
u=l
v=o
w=e
x=t
y=x
z=f

The next thing that we tried was to input the characters relating to the difference between each character in “give me like a note dude” and its encoded translation “risw dw uipw e bvxw jajw”. For example the difference between the letters ‘g’ and ‘r’ is 11 so the 11th character of the alphabet is ‘k’ after coming up with a new translation using this method we tried this flag…but to no avail. What really threw us off with this challenge was that the flag was not a readable string that made sense as we translated it.


The flag ended up being the entire 26 character encoded alphabet:

FLAG: UNHMAQWZIDYPRCJKBGVSLOETXF

**We were looking for a logical/readable flag for quite a while before simply trying the translated alphabet.