Cryptohorrific

Could I get a PM on this challenge? I’ve found the pieces but am unsure of how to break the flag. I have an idea of what things are but don’t want to post spoilers, and really want to understand this challenge.

@danymogh said:
@eks I’ve searched a lot and all the ways that are possible for app decryption need either an iOS phone or a Mac, which many people may not have. Is there a real free alternative?

If you researched a lot, then you did not research right… As I mentioned before, it doesn’t require an iOS device or a MacOS. We wouldn’t release it if it did.

@KouPrey
I tried both but it seems the program is encrypted. Any tip on how to decrypt it?

@danymogh you do not need to read the whole program. You only need to find the value/text you need to decrypt the cipher text.

Got a base64 look alike flag but decrypting produces gibberish, tried decrypting in ASCII too but the same result

@Afolic said:
Got a base64 look alike flag but decrypting produces gibberish, tried decrypting in ASCII too but the same result

To get this challenge you will have to look into how the app is handling the base64 string and what goes into that string. See @ShingoTamai’s comment above for an idea of where to begin your search. There are a couple of free tools you can download to do this, some more helpful than others depending on the options they offer.

For anyone needing a nudge feel free to PM.

To answer my own question: the base64 encoded flag that can be found in the application does not need to be pre-processed before it can be passed to a decryption tool.

For the rest, IDA is your friend.

@ShingoTamai said:
To answer my own question: the base64 encoded flag that can be found in the application does not need to be pre-processed before it can be passed to a decryption tool.

For the rest, IDA is your friend.

I need some hints. I am stuck on this challenge. I found some data called hash, challenge, flag, initWithBase64EncodedString_options_. Am I on the right way?

@s10suzdongu said:

@ShingoTamai said:
To answer my own question: the base64 encoded flag that can be found in the application does not need to be pre-processed before it can be passed to a decryption tool.

For the rest, IDA is your friend.
I need some hints. I am stuck on this challenge. I found some data called hash, challenge, flag, initWithBase64EncodedString_options_. Am I on the right way?

You need to find the key and the iv needed for the decryption of the base64 encoded string contained within the .plist file…

@s10suzdongu said:

@ShingoTamai said:
To answer my own question: the base64 encoded flag that can be found in the application does not need to be pre-processed before it can be passed to a decryption tool.

For the rest, IDA is your friend.
I need some hints. I am stuck on this challenge. I found some data called hash, challenge, flag, initWithBase64EncodedString_options_. Am I on the right way?

Look into what was used to create the string you’ll be trying to break down. Understanding how that string was created and the parts it used will really help you in what you need to do to break that string down, and will make the process much faster.

Happy hunting!

Similar to s10suzdongu, I have found the data within IDA. There are 2 weird strings which I believe are important but I am unable to utilise them. These strings are called into the key and iv function and contain special characters. Could anyone give me a hint?

Oh got it… SPOILER

Anyone else having issues with running IDA64 on Ubuntu?

Never mind, needed to launch from the terminal.

Please no more PMs. They do not bring “enrichment” / “enlightenment” to everybody.

I don’t know if this is considered a spoiler, however, for this and similar challenges, openssl can be used to decode ciphertexts.

This is the generic syntax to use, to be adjusted to your needs:

echo ciphertext | openssl enc -d cipher -K KeyInHex -iv IVinHex -nopad -nosalt -base64

Run “man enc” for additional options and details.
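A round trip with the `openssl enc` options discussed in this thread, as an added example that is not part of any post. It assumes AES in CBC mode and a key and IV stored as plain ASCII strings; the key, IV and plaintext are constructed sample values, not taken from the challenge, and the function names are hypothetical.

```shell
#!/bin/sh
# Constructed sample values (not from the challenge or its binary).
SAMPLE_KEY='0123456789abcdef'     # 16 ASCII characters
SAMPLE_IV='fedcba9876543210'      # 16 ASCII characters, one AES block
SAMPLE_PLAIN='constructed sample text'

# openssl's -K and -iv take hex digits, not the raw string:
# convert each byte of the string to two hex characters.
to_hex() {
    printf '%s' "$1" | od -An -v -tx1 | tr -d ' \n'
}

# Choose the AES-CBC variant whose key size matches the key's byte length
# (assumption: the cipher is AES-CBC).
aes_cbc_for_key() {
    key_hex=$(to_hex "$1")
    case $(( ${#key_hex} / 2 )) in
        16) echo aes-128-cbc ;;
        24) echo aes-192-cbc ;;
        32) echo aes-256-cbc ;;
        *)  echo "key is $(( ${#key_hex} / 2 )) bytes; AES needs 16, 24 or 32" >&2
            return 1 ;;
    esac
}

# $1 = -e or -d, $2 = ASCII key, $3 = ASCII IV, $4 = input text.
# -base64 -A reads or writes the ciphertext as one unbroken base64 line.
aes_cbc_b64() {
    cipher=$(aes_cbc_for_key "$2") || return 1
    printf '%s' "$4" |
        openssl enc "$1" "-$cipher" -K "$(to_hex "$2")" -iv "$(to_hex "$3")" -base64 -A
}

# Encrypt the sample text, then decrypt the resulting base64 string.
roundtrip() {
    ct=$(aes_cbc_b64 -e "$SAMPLE_KEY" "$SAMPLE_IV" "$SAMPLE_PLAIN") || return 1
    aes_cbc_b64 -d "$SAMPLE_KEY" "$SAMPLE_IV" "$ct"
}

roundtrip && echo
```

The cipher is passed as an option name with a leading dash (here `-aes-128-cbc`); a bare word in that position is not read as a cipher.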

I have a pretty good understanding of how the code works. I’ve managed to get the base64 string, the IV and the KEY. I understand the IV and KEY should be in hex format. Yet I can’t seem to decrypt it (openssl). Am I overlooking something? Feel free to PM me any hints.

@MrProxx said:
I have a pretty good understanding of how the code works. I’ve managed to get the base64 string, the IV and the KEY. I understand the IV and KEY should be in hex format. Yet I can’t seem to decrypt it (openssl). Am I overlooking something? Feel free to PM me any hints.

You are, probably. The data you have is all you need to complete this challenge. @ShingoTamai already gave the ultimate hint.

Which one is the key? I have found several keys; I am guessing there are like 20+ possible keys. How do you differentiate which one is the correct key?

Mmm, I found the flag and two strings; it seems one is the key and the other one the IV. I tried with openssl but it does not work; it shows me the message ‘chipther’ not found …

I created a script with all the decoding algorithms:
openssl enc -nopad -nosalt -K xxxxxx -iv yyyyy -d -aes-128-cbc -A <<< *flag

openssl enc -nopad -nosalt -K xxxxxx -iv yyyyy -d -base64 -A <<< *flag

etc … Is it the right way? But nothing nice…