1 of 7

Crypto

home rolled

So after deobfuscating the script (which i didnt rly needed to) i found it was encrypted with a otp of random order of range(256). so then i thought "kek how can i break otp" but then i realised it never repeats itself. i also knew that it started with "tjctf{" and ended with "}". i created a list of possible values left and used that for each position of the flag. this gave me a bunch of characters possible for that position. i just needed to repeat it until there was 1 char left (connected with vpn cus doxx). i did it with this script.

tjctf{n3v3r_r0LL_ur_0wn_cryptOMEGALUL}

rgbsa

Extract red pixel vals from each frame (last bit) go to day's site

https://medium.com/bugbountywriteup/rsa-attacks-common-modulus-7bdb34f331a5

copy code with adjustments. convert output to text and bam!

flag{excitableillumination_wanderer}

def main():
    from PIL import Image, ImageFilter

    def openshit(filename):
        # Open image file
        im = Image.open(filename)

        print("\n** Analysing image **\n")

        # Display image format, size, colour mode
        print("Format:", im.format, "\nWidth:", im.width, "\nHeight:", im.height, "\nMode:", im.mode)

        # Check if GIF is animated
        frames = im.n_frames

        print("Number of frames: " + str(frames))
        print("\n** Converting image **\n")

        alls = []
        # Iterate through frames and pixels, top row first
        for z in range(frames):
            # Go to frame
            im.seek(z)
            rgb_im = im.convert('RGB')
            # print("Frame: ", im.tell())

            pixels = list(rgb_im.getdata())

            a = int("".join([str(r[0]%2) for r in pixels]),2)
            # print("--------------------------------------")
            # print(a)
            # print("--------------------------------------")
            alls.append(a)

        return alls


    alln = openshit("n.gif")
    alle = openshit("e.gif")
    allc = openshit("new_c.gif")

difficult decryption

So i just followed the tutorial kek. i spent so long understanding what it meant so heres a summary of it

1. compute prime factors of totient p in form p^k
2. find x modulo p^k (ill show later)
3. chinese remainder thereom!!!!!
4. compute shared key (other ** step3 % modulus)
5. xor and convert to hex then text!!!
tjctf{Ali3ns_1iv3_am0ng_us!}

did it this script (after chinese remainder i got 64460789473481109991812750133942026256 alice - doesnt need to be prime because they cycle)

a = 491988559103692092263984889813697016406
msg = 12259991521844666821961395299843462461536060465691388049371797540470
c = [232042342203461569340683568996607232345,76405255723702450233149901853450417505]

at = 1
for i in a0:
    at *= phi(i)
print(at)

at0 = [[2**32],[3**15],[5**4],[7**3],[11],[13**2],[17],[19],[23],[29],[37],[53],[79],[109]]

for i in at0:
    temp = pow(c[0],at//i[0],a)
    for j in range(1,10000):
        if pow(pow(5,at//i[0],a),j,a) == temp:
            print(j,",",i[0],end = "),(")
            break
    else:
        print(j,"??")

Reasonably Secure Algorithm

With an n value this small, it can be quite easily cracked. I used RsaCtfTool (git clone https://github.com/Ganapati/RsaCtfTool), with the command:

python RsaCtfTool.py -n 126390312099294739294606157407778835887 -e 65537 --uncipher 13612260682947644362892911986815626931

tjctf{10minutes}

Is this Crypto

Single byte xor bruteforce with key 0x91

tjctf{n0_th15_is_kyl3}

Titanic

The first step is to get a list of all the words from the titanic:

Now we create a new wordlist in flag format:

Then we can use the password cracking tool john to get the flag.

The flag is tjctf{ismay's}