infinite_decoding_odyssey
SRC: https://library.m0unt41n.ch/challenges/infinite-decoding-odyssey
This rev chall is pretty straight forward, with have a encryption or lets say a lil scrambling function which we should reverse. We have a scramble flag:
V1QWz9Xq8B_q11B9Q0sBQB}s7@B143WB9Y2UB9pB57q39CA
And a charset:
abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789{}_!@#$%^&*()-+=
The routine custom rot, implements a rot like cipher with a lil twist, it adds a mod too the rotated index, indicated by the % within the pseudo code gnerated by bninja. To be precise mod 0x4f -> so mod 79 is statically used everytime, which is the length of the alphabet.
And the rotation amount used is also statically set, but within the function call as argument -> 0x25 so 37.
Final cipher too reverse the scrambled flag: out = charset[(index(c) + R) mod L]
The reversed cipher in py would be:
Resulting into: flag{th1s_w1ll_tak3_a_v3ry_long_time_t0_pr1nt!}
We could also just patch the sleep, but ye, we aint patchers we heavy thinkers.
SRC: https://library.m0unt41n.ch/challenges/infinite-decoding-odyssey
This rev chall is pretty straight forward, with have a encryption or lets say a lil scrambling function which we should reverse. We have a scramble flag:
V1QWz9Xq8B_q11B9Q0sBQB}s7@B143WB9Y2UB9pB57q39CA
And a charset:
abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789{}_!@#$%^&*()-+=
The routine custom rot, implements a rot like cipher with a lil twist, it adds a mod too the rotated index, indicated by the % within the pseudo code gnerated by bninja. To be precise mod 0x4f -> so mod 79 is statically used everytime, which is the length of the alphabet.
And the rotation amount used is also statically set, but within the function call as argument -> 0x25 so 37.
Final cipher too reverse the scrambled flag: out = charset[(index(c) + R) mod L]
C++:
putchar((int32_t)custom_rot(scrambled_flag[(int64_t)i], 0x25));
00001169 uint64_t custom_rot(char arg1, int32_t arg2)
00001169 {
00001169 int32_t var_c = 0;
00001169
000011c1 while (true)
000011c1 {
000011c1 if (var_c >= 0x4f)
000011c3 return (uint64_t)arg1;
000011c3
00001198 if (arg1 == charset[(int64_t)var_c])
00001198 break;
00001198
000011b7 var_c += 1;
000011c1 }
000011c1
000011b1 return (uint64_t)charset[(int64_t)((int64_t)(arg2 + var_c) % 0x4f)];
00001169 }The reversed cipher in py would be:
Python:
charset = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789{}_!@#$%^&*()-+="
rot = 37
scr = "V1QWz9Xq8B_q11B9Q0sBQB}s7@B143WB9Y2UB9pB57q39CA"
flag = "".join(charset[(charset.index(c) + rot) % 79]for c in scr)
print(flag)Resulting into: flag{th1s_w1ll_tak3_a_v3ry_long_time_t0_pr1nt!}
We could also just patch the sleep, but ye, we aint patchers we heavy thinkers.
