WeChall - Training - Crypto - Substitution II

Posted on In Views: Disqus:

Challenge

I have created an advanced version of the simple substitution cipher. It can now use chars in range from 0-255, but that should not stop you. The ciphertext is in the language of this text, and uses correct punctuation and case-sensitivity.

Substitution I 的进阶版。每次页面会生成一套新的 0-255 字节替换表,密文是十六进制字节序列,明文语言仍然是英文。

Solution

这题不能复用旧答案:同一个挑战在不同 session 下会给不同密文和不同的 solution 值。但明文模板是固定的,所以可以用 known plaintext 方法解码。

解法步骤:

  1. 访问挑战页面,获取当前 session 的十六进制密文
  2. 已知明文以 Congratulations! 开头,onat 等字母会在固定位置重复出现,以此建立字节到字符的映射
  3. 继续根据英文句子上下文补全映射,直到解出完整明文

完整明文模板为:

1
Congratulations! This one was harder, but you got it! Very well done fellow hacker! The problem with this cipher is that the key is pretty long! I will come up with a better encryption sheme any soon! Your solution is: <session-answer>!

注意原文里故意写成了 sheme,不是 scheme

解码脚本核心逻辑:

1
2
3
4
cipher = [int(x, 16) for x in re.findall(r'\b[0-9A-F]{2}\b', hex_blob)]
template = 'Congratulations! This one was harder, but you got it! Very well done fellow hacker! The problem with this cipher is that the key is pretty long! I will come up with a better encryption sheme any soon! Your solution is: '
mapping = {byte: char for byte, char in zip(cipher, template)}
plaintext = ''.join(mapping.get(byte, '?') for byte in cipher)
smrnneobfhoo