Cryptohorrific

I am new to app development in the Apple ecosystem as well as the usage of Xcode, thus unable to explain many things provided in the file.

I do see some useful .plist files that contain valuable information yet am unable to decode them, possibly because there’s more encryption behind it.

Also the issue with the image being compressed and unable to view.

Do I need an iphone to win this challenge? Or are the files provided sufficient?

Please provide me with some advice =)

@LeDeceiver said:
I am new to app development in the Apple ecosystem as well as the usage of Xcode, thus unable to explain many things provided in the file.

I do see some useful .plist files that contain valuable information yet am unable to decode them, possibly because there’s more encryption behind it.

Also the issue with the image being compressed and unable to view.

Do I need an iphone to win this challenge? Or are the files provided sufficient?

Please provide me with some advice =)

We wouldn’t release anything that requires an actual non-free device in order to solve :wink:

Good luck, my friend. I’m stuck on this challenge as well. My lack of RE skill shines bright on this one.

I have identified the file I need to focus on within the app bundle.
I took the right steps to unveil the relevant data in ASCII format.

Now I am left with an encoded flag, but despite trying rearranging the data, chaining decoding algorithms, replacing specific bits, the string I am working with does not comply with base64 and cannot be decoded (it decodes as garbage).

I have also considered the “id” and “title” keys as hints, without luck.

What am I missing?

SPOILER

@KouPreY said:
SPOILER

You are almost done, keep trying. IV and KEY should sound familiar.

I got it. Actually, it doesn’t need much knowledge of RE. However, I found out that a decompiler helped me a lot for this challenge.

I’ve been working on this one and have hit a wall with what to do next. I’ve found the file of interest with the flag and decompiled with IDA, but all of the decryption tools I’ve tried aren’t working. Any hints would be lovely.

Crypto and iOS means that there is the CCCrypto framework in the mix.
I read the documentation for it and tried to decrypt the string using a key, an initialisation vector (where needed) and then I tried to use every single cipher from AES down to RC2 without any luck.

Is the flag ready or does it need to be fixed first? As I see that it is not a proper base64 as it is.

I’ve gone through and looked up what the file extensions do as far as what the file types are, converted all files from hex, and checked most for base64 encoding.

I’m not quite sure where to go from here. Does this challenge require IDA, OllyDbg, or Radare? Is this something I need to be running in a specific OS or environment?

I’m very new to Reverse Engineering and I’m not sure where to go from here, what’s standard and what’s not, and how to proceed.

Any guidance or nudges would be appreciated!

Basic Reverse Engineering is enough.

@eks I’ve searched a lot and all the ways that are possible for app decryption need either an iOS phone or a Mac which many people may not have. Is there a real free alternative?

@kouPrey which decompiler did you use?

@danymogh you can try IDA or Hopper.

Could I get a PM on this challenge? I’ve found the pieces but am unsure of how to break the flag. I have an idea of what things are but don’t want to post spoilers, and really want to understand this challenge.

@danymogh said:
@eks I’ve searched a lot and all the ways that are possible for app decryption need either an iOS phone or a Mac which many people may not have. Is there a real free alternative?

If you researched a lot, then you did not research right… As I mentioned before, it doesn’t require an iOS device or macOS. We wouldn’t release it if it did.

@KouPrey
I tried both but it seems the program is encrypted. Any tip on how to decrypt it?

@danymogh you do not need to read the whole program. You only need to find the value/text you need to decrypt the cipher text.

Got a base64 look-alike flag but decrypting produces gibberish, tried decrypting in ASCII too but the same result.

@Afolic said:
Got a base64 look-alike flag but decrypting produces gibberish, tried decrypting in ASCII too but the same result.

To get this challenge you will have to look into how the app is handling the base64 string and what goes into that string. See @ShingoTamai’s comment above for an idea on where to begin your search. There are a couple of free tools you can download to do this. Some are more helpful than others depending on the options they offer.

For anyone needing a nudge feel free to PM.

To answer my own question: the base64 encoded flag that can be found in the application does not need to be pre-processed before it can be passed to a decryption tool.

For the rest, IDA is your friend.
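
An added example, not part of any post in this thread: several posters could not read the .plist files or got gibberish from the base64-looking string. Python's `plistlib` parses XML and binary plists on any OS, and the check below tells a string that decodes to text apart from one that decodes to block-aligned binary, which base64 decoding alone will never turn into readable text. The sample plist, its list-of-dicts layout, the `flag` key name and all values are constructed for illustration.

```python
import base64
import plistlib

BLOCK_SIZES = (16, 8)  # AES block size; DES/3DES/RC2 block size

def triage(value):
    """Classify a plist string: plain text, base64 of text, or base64 of binary."""
    try:
        blob = base64.b64decode(value, validate=True)  # strict: rejects spaces etc.
    except ValueError:
        return {"kind": "plain text"}
    try:
        if blob and blob.decode("utf-8").isprintable():
            return {"kind": "base64 of text"}
    except UnicodeDecodeError:
        pass
    # Binary whose length is a multiple of a cipher block size is consistent
    # with block-cipher output; it needs a key (and IV), not another decoding.
    fits = [n for n in BLOCK_SIZES if len(blob) % n == 0]
    return {"kind": "base64 of binary", "bytes": len(blob), "block_sizes": fits}

def scan(raw):
    """Parse a plist (XML or 'bplist00' binary) and triage every string value.

    Assumes the top level is a list of dicts (constructed layout)."""
    report = {}
    for entry in plistlib.loads(raw):  # format is auto-detected
        for key, value in entry.items():
            if isinstance(value, str):
                report[key] = triage(value)
    return report

# Constructed sample: 32 non-text bytes stand in for ciphertext.
_FAKE_CIPHERTEXT = bytes(range(0x80, 0xA0))
SAMPLE = plistlib.dumps(
    [{"id": 1,
      "title": "Sample note",
      "flag": base64.b64encode(_FAKE_CIPHERTEXT).decode()}],
    fmt=plistlib.FMT_BINARY,
)

if __name__ == "__main__":
    for key, result in scan(SAMPLE).items():
        print(f"{key}: {result}")
```
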