Writeup: FlareOn 2022: 009 - encryptor
1. TLDR
2. Input data
The challenge file is here. Password: flare.
The subject of the task were files:
SuspiciousFile.txt.Encrypted
flareon.exe
3. Initial analysis
The file SuspiciousFile.txt.Encrypted
probably contained encrypted data.
I verified the file type flareon.exe
:
$ file flareon.exe
flareon.exe: PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
The name, the task description, and the SuspiciousFile.txt.Encrypted
file could indicate that the flareon.exe
program pretends to be ransomware (or is in fact) .
The console program presented residual help to run it:
>flareon.exe
usage: flareon path [path ...]
A cursory analysis of the code revealed that only files whose name has at least 10 characters and the .EncryptMe
extension are encrypted.
As a result of encryption, files with the same name with the extension .Encrypted
appended were saved. Interestingly, the input file was not deleted :)
I prepared several files for the test, laboriously named with the letters A through E.
Files A and B differed by one character:
File A:
> type .\A\input.txt.EncryptMe
test
and B file:
> type .\B\input.txt.EncryptMe
text
The third file C had the same content as file A, but a different file name:
> type .\C\inputC.txt.EncryptMe
test
The fourth file D had contents longer than files A through C:
> type .\D\input.txt.EncryptMe
LoremIpsum
The fifth E file consisted of 256 letters a
:
> type .\E\input.txt.EncryptMe
aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
aaaaaaaaaaaaaaaa
The contents of the files presented below have been changed by me: I have changed the alignment of the line lengths to facilitate comparative analysis of the files.
3.1 A file test
I encrypted the file with the content “test”:
> .\flareon.exe .\input.txt.EncryptMe
.\input.txt.EncryptMe
1 File(s) Encrypted
I read the contents of the ciphertext:
> type .\input.txt.Encrypted
ôG¬Ď
9f18776bd3e78835b5ea24259706d89cbe7b5a79010afb524609efada04d0d71170a83c853525888c942e0dd1988251dfdb3cd85e95ce22a5712fb5e
235dc5b6ffa3316b54166c55dd842101b1d77a41fdcc08a43019c218a8f8274e8164be2e857680c2b11554b8d593c2f13af2704e85847f80a1fc01b9
906e22baba2f82a1
e5f526e1329d212b90bc82acdd66f5086c5d1b4ba606cd44691869ccdcf4c3dde4f94a5fb962fc15441078293e255920728e9de6e9958dcff5795096
7d08faa518e72ae34eef787d892f60ae35ea098fbb446bc632b7dbf77fe3eb9e1fffc2fea993dcb4e20d83f7de1df016e5d3c914a354f30e8d2cb9fe
52a70213ec22b809
72cc63373bb294b44629177e5cb65a5f0eed4d4333f2b610dd1713a0e03f55b6eaa70f9627873c5677eb01d9319268147e320cb8f017bd726fb45909
a770186e997d20070860922c8ac9390b7002a75dff0ddd47f3258b4b64e3da36082469406572597572e9dcea7e0a6870396b7c9fa9ec71cc9b69399c
7a83188eeb4f793f
5081cb5644ab4a81939aa5585dd36f08778bf059deae3a518f362e2898e831e12b154c99fc1f7912c34fda8957480558dbaca44944e5c26f991f0385
f590794856989f01b05f98d5637c8c403ec450871c519349cdfb395e4924aff9cc6949fb0465054cd70cf368c0eeae429285d909bd0dfdf8eb4074da
dbc3e5c852b0d5de
A file HOW_TO_DECRYPT.txt
has been created on the desktop:
> type .\HOW_TO_DECRYPT.txt
~*~*~* The FLARE-ON Encryptor ~*~*~*
All your files have been encrypted with a powerful combination of
symmetric and asymmetric cryptography. Do not tamper with the encrypted files.
It is of no use and will only risk corrupting your data.
To get your files decrypted send lots of cryptocurrency over Tor.
You'll need to copy and paste us these values to get your key.
<
9f18776bd3e78835b5ea24259706d89cbe7b5a79010afb524609efada04d0d71170a83c853525888c942e0dd1988251dfdb3cd85e95ce22a5712fb5e
235dc5b6ffa3316b54166c55dd842101b1d77a41fdcc08a43019c218a8f8274e8164be2e857680c2b11554b8d593c2f13af2704e85847f80a1fc01b9
906e22baba2f82a1,
e5f526e1329d212b90bc82acdd66f5086c5d1b4ba606cd44691869ccdcf4c3dde4f94a5fb962fc15441078293e255920728e9de6e9958dcff5795096
7d08faa518e72ae34eef787d892f60ae35ea098fbb446bc632b7dbf77fe3eb9e1fffc2fea993dcb4e20d83f7de1df016e5d3c914a354f30e8d2cb9fe
52a70213ec22b809,
72cc63373bb294b44629177e5cb65a5f0eed4d4333f2b610dd1713a0e03f55b6eaa70f9627873c5677eb01d9319268147e320cb8f017bd726fb45909
a770186e997d20070860922c8ac9390b7002a75dff0ddd47f3258b4b64e3da36082469406572597572e9dcea7e0a6870396b7c9fa9ec71cc9b69399c
7a83188eeb4f793f>
3.2 B file test
I encrypted the file with the content “text”:
> .\flareon.exe .\input.txt.EncryptMe
.\input.txt.EncryptMe
1 File(s) Encrypted
I read the contents of the ciphertext:
> type .\input.txt.Encrypted
ąű4"
9f18776bd3e78835b5ea24259706d89cbe7b5a79010afb524609efada04d0d71170a83c853525888c942e0dd1988251dfdb3cd85e95ce22a5712fb5e
235dc5b6ffa3316b54166c55dd842101b1d77a41fdcc08a43019c218a8f8274e8164be2e857680c2b11554b8d593c2f13af2704e85847f80a1fc01b9
906e22baba2f82a1
de0525f5bab9139bbd06722c24bbf235f104a71c215697e63110620b96599760fd5c4496e2a3de3ce4c3b4cdea76e032ed73e1554fb834beba467976
5a5847a237129b506da4ca63fb64ea31a44d0a6aec0866a52c32a4036492a301bcfa1be1e7e729bf1d7bbded6b3cbd708ef6d5b195788a864765e238
3501c608456ea83d
06c224715e06eb5ee92548301c008e88aab2d091677bf797ff9833d0b74a50f593b626b86fa10502cb79eb3745a0243eca7309a6b709f078bb998560
baeffec2126063269fa5e4e12f844f9bd29bb26c2e6811546cb8f5f570af78641322c792247958f9a9300e6934be1bf337f1cc30a657efdb3711fd6c
495f85ab8534c5c9
c31270302e5912969715550dea999049db9f78ffccfe9f09d4c122b84778d7768c2b92abd49d8cea3d6b3887dc210b783e56bb984ab5125920926ba1
033c9da32464a983305b3c2151ee591b6f60a5b4472da53ab28b6f7436090e6296f89d97755e8a627b93d021f000f7fdfc61f35ba1b4f164d41cba58
ff008816af3eff81
A file HOW_TO_DECRYPT.txt
has been created on the desktop:
> type .\HOW_TO_DECRYPT.txt
~*~*~* The FLARE-ON Encryptor ~*~*~*
All your files have been encrypted with a powerful combination of
symmetric and asymmetric cryptography. Do not tamper with the encrypted files.
It is of no use and will only risk corrupting your data.
To get your files decrypted send lots of cryptocurrency over Tor.
You'll need to copy and paste us these values to get your key.
<
9f18776bd3e78835b5ea24259706d89cbe7b5a79010afb524609efada04d0d71170a83c853525888c942e0dd1988251dfdb3cd85e95ce22a5712fb5e
235dc5b6ffa3316b54166c55dd842101b1d77a41fdcc08a43019c218a8f8274e8164be2e857680c2b11554b8d593c2f13af2704e85847f80a1fc01b9
906e22baba2f82a1,
de0525f5bab9139bbd06722c24bbf235f104a71c215697e63110620b96599760fd5c4496e2a3de3ce4c3b4cdea76e032ed73e1554fb834beba467976
5a5847a237129b506da4ca63fb64ea31a44d0a6aec0866a52c32a4036492a301bcfa1be1e7e729bf1d7bbded6b3cbd708ef6d5b195788a864765e238
3501c608456ea83d,
06c224715e06eb5ee92548301c008e88aab2d091677bf797ff9833d0b74a50f593b626b86fa10502cb79eb3745a0243eca7309a6b709f078bb998560
baeffec2126063269fa5e4e12f844f9bd29bb26c2e6811546cb8f5f570af78641322c792247958f9a9300e6934be1bf337f1cc30a657efdb3711fd6c
495f85ab8534c5c9>
3.3 C file test
I encrypted the file with the content as “test” and renamed the file:
> .\flareon.exe .\inputC.txt.EncryptMe
.\inputC.txt.EncryptMe
1 File(s) Encrypted
I read the contents of the ciphertext:
> type .\inputC.txt.Encrypted
$ö-?
9f18776bd3e78835b5ea24259706d89cbe7b5a79010afb524609efada04d0d71170a83c853525888c942e0dd1988251dfdb3cd85e95ce22a5712fb5e
235dc5b6ffa3316b54166c55dd842101b1d77a41fdcc08a43019c218a8f8274e8164be2e857680c2b11554b8d593c2f13af2704e85847f80a1fc01b9
906e22baba2f82a1
b2c367db1c00d52ac92748495cec3932d5367aff94d4a40ccc4a09eec212ef78e12ddc10b86cbedae4009e08259b38ed7d9ae783a740b008ad0f7fdb
b61e9afa726940d9bda6f6c02f3d30152dd5c8a28b6fb477550c659dc63928b570d698566e5c7777edb532363a46f1ddc0764f01887425d5358f0701
82d84aeb5a26eb71
80ee9303192ad14cead128acd957bae6b71b1afffb10c623b51f45b3ede7d670e0e843ed468115c8b6f2b0721213d7d9a15a8afb1515504af82d2f7e
3912131df015845545ad87573c7f0c5204db50ec7146f21e8fe61dae0fe7db93bf50b785abb67da20b245381c1b08c3bf3ecdffb96688b07ea7cd855
d92f38bcb90c0f3e
50077afa5034a882a5e4e7aaa01b1afbaad10f28824545c943809d7a4920a2910fc4ae7e3b6c77d18143968e82671d77c14097d3e1b6de0d5581c71a
44f342fecd2192e5e2043e1ba898a865225cf1775e648cd44aae141bd5046c4d932cc91ab2ac33b154b2d84363e70d7720f444c2138e7e235bf314b4
9e1bfbf162730ae8
A file HOW_TO_DECRYPT.txt
has been created on the desktop:
> type .\HOW_TO_DECRYPT.txt
~*~*~* The FLARE-ON Encryptor ~*~*~*
All your files have been encrypted with a powerful combination of
symmetric and asymmetric cryptography. Do not tamper with the encrypted files.
It is of no use and will only risk corrupting your data.
To get your files decrypted send lots of cryptocurrency over Tor.
You'll need to copy and paste us these values to get your key.
<
9f18776bd3e78835b5ea24259706d89cbe7b5a79010afb524609efada04d0d71170a83c853525888c942e0dd1988251dfdb3cd85e95ce22a5712fb5e
235dc5b6ffa3316b54166c55dd842101b1d77a41fdcc08a43019c218a8f8274e8164be2e857680c2b11554b8d593c2f13af2704e85847f80a1fc01b9
906e22baba2f82a1,
b2c367db1c00d52ac92748495cec3932d5367aff94d4a40ccc4a09eec212ef78e12ddc10b86cbedae4009e08259b38ed7d9ae783a740b008ad0f7fdb
b61e9afa726940d9bda6f6c02f3d30152dd5c8a28b6fb477550c659dc63928b570d698566e5c7777edb532363a46f1ddc0764f01887425d5358f0701
82d84aeb5a26eb71,
80ee9303192ad14cead128acd957bae6b71b1afffb10c623b51f45b3ede7d670e0e843ed468115c8b6f2b0721213d7d9a15a8afb1515504af82d2f7e
3912131df015845545ad87573c7f0c5204db50ec7146f21e8fe61dae0fe7db93bf50b785abb67da20b245381c1b08c3bf3ecdffb96688b07ea7cd855
d92f38bcb90c0f3e>
3.4 D file test
I encrypted the file with the contents of LoremIpsum
:
> .\flareon.exe .\input.txt.EncryptMe
.\input.txt.EncryptMe
1 File(s) Encrypted
I read the contents of the ciphertext:
> type .\input.txt.Encrypted
▬ź^Üí=☼WA§
9f18776bd3e78835b5ea24259706d89cbe7b5a79010afb524609efada04d0d71170a83c853525888c942e0dd1988251dfdb3cd85e95ce22a5712fb5e
235dc5b6ffa3316b54166c55dd842101b1d77a41fdcc08a43019c218a8f8274e8164be2e857680c2b11554b8d593c2f13af2704e85847f80a1fc01b9
906e22baba2f82a1
e8bea44827766de4bde2f9221474e1a40e99592250557ce42a620f1d62390cc9f9a756d919c609c7ed512e3e8cd6ec05045f4903fd0d2758d3617145
cec7fd2fb74767cfb66b2f45ede922c5f1e9cd0231c13833f75115d562fb2e44cee7726904db770645ad3c9fd348ac9b0c48b53f04e9e6a783566f70
2849c9e888e40475
1ff168796c837751c2fc4116e4c64ed15ea9c30fd07b1a109917b2ee298081cb49d2f65d1c837a25c77bf639921140eff7a012c0bf0ab4981b5a4ba9
d738cd34897589028b5f5e6247ebb8d6d1a19b6c6ec5e8973d6c55124abe3c3d04581f4159b3d5da5e7ddc5ab400d4c56b86f07993edeb0ba406cc59
454f83cc9da106f4
9bae7b05e776090d5349e8db302d8c48ec451ff40b9e116c6692c0e812c577a3d0207757558bc770b9be357d02af717712ab5eef5ec1866f9971db35
f7dfd4d12523d0348cab9b56a6a3d34307700bf33b50550360854aa3a147767aaae6bd347b686188e580945617bd356d012ab4e31ede4e32c9f3c132
73d5c1aaa8c25bde
A file ```HOW_TO_DECRYPT.txt`` has been created on the desktop:
> type .\HOW_TO_DECRYPT.txt
~*~*~* The FLARE-ON Encryptor ~*~*~*
All your files have been encrypted with a powerful combination of
symmetric and asymmetric cryptography. Do not tamper with the encrypted files.
It is of no use and will only risk corrupting your data.
To get your files decrypted send lots of cryptocurrency over Tor.
You'll need to copy and paste us these values to get your key.
<
9f18776bd3e78835b5ea24259706d89cbe7b5a79010afb524609efada04d0d71170a83c853525888c942e0dd1988251dfdb3cd85e95ce22a5712fb5e
235dc5b6ffa3316b54166c55dd842101b1d77a41fdcc08a43019c218a8f8274e8164be2e857680c2b11554b8d593c2f13af2704e85847f80a1fc01b9
906e22baba2f82a1,
e8bea44827766de4bde2f9221474e1a40e99592250557ce42a620f1d62390cc9f9a756d919c609c7ed512e3e8cd6ec05045f4903fd0d2758d3617145
cec7fd2fb74767cfb66b2f45ede922c5f1e9cd0231c13833f75115d562fb2e44cee7726904db770645ad3c9fd348ac9b0c48b53f04e9e6a783566f70
2849c9e888e40475,
1ff168796c837751c2fc4116e4c64ed15ea9c30fd07b1a109917b2ee298081cb49d2f65d1c837a25c77bf639921140eff7a012c0bf0ab4981b5a4ba9
d738cd34897589028b5f5e6247ebb8d6d1a19b6c6ec5e8973d6c55124abe3c3d04581f4159b3d5da5e7ddc5ab400d4c56b86f07993edeb0ba406cc59
454f83cc9da106f4>
3.5 E file test
I encrypted a file containing 256 letters a
:
> .\flareon.exe .\input.txt.EncryptMe
.\input.txt.EncryptMe
1 File(s) Encrypted
I read the contents of the ciphertext:
> type .\input.txt.Encrypted
't@u↨$ť "ČĆQz?┼HĘ♀"Âń/)aĎ},"é♠◄MţüŇt‼şB˛¸D»nk˘źNuâ÷]?cň g6"aŠ\ł?>ä;«â↨î0'ąŇ˙↑:,J+LsaI<Ů
ke>8 <ÂC EMţ}Lł↨\'˝ű |♫Ťëi↓ü<¤▼04$MSúlç?şjat> ?Rn'WáőôÔC¶¨őo8☺u┼ĺ"ľÚ>u◄&ž-"X¸PËą/Ö‼e¤♦∟AIy♥{F#CŃ«¸Ä˙♠)
ŕ÷f
ALî§ëwł/0+¤♦?«J^2őA-ŢÉ☼âXßźŹphŘzŕş|FQV→ĺę↕/˝Qҧ♂-Ż%đ}6Ěé»Ď♣
9f18776bd3e78835b5ea24259706d89cbe7b5a79010afb524609efada04d0d71170a83c853525888c942e0dd1988251dfdb3cd85e95ce22a5712fb5e
235dc5b6ffa3316b54166c55dd842101b1d77a41fdcc08a43019c218a8f8274e8164be2e857680c2b11554b8d593c2f13af2704e85847f80a1fc01b9
906e22baba2f82a1
d6dded583d7ff6afa5a4ff8b6ea78903d2deeff0c998c68266d067d2a620134fc020cd6b34ea9c3788c7ce99f3e1745f6ea1379710180cf610cfed0a
6ab29553eef1697e994113cea91d95b6ad4ac302286615f3c8415371c291c122f4b2cb2daa2ea5f2cdda69d1c6c87e6ac39a16b685907a23a8859d67
13b77440ff4807b5
4490457663481638b64d15563760f27d3f3e9fa80344ef785b8c2a21eb87e9ca695681f424fcf5e2e0bd49998e6ae79b40b729e053c9a58942abc4ce
ac8f9e4b860c68bb73b3dbd3783062da2df79ed4605a7ae5486b31733fb12cf24e4cb54fff1b28ed905d808d397017fe0754f29a083784b53cb20029
29899a08aae653c2
1d182d5e3a7ab69576fb9a2ec10b8a4dba38b859b3340c55953bee6f8b7f5faf915d9dde6ae1c9331fe3a9575ffc397b7c76ab0da9f5d95c1a167a92
a265e27348433e9fb8204eccb3d520c848916cbbdef17f9fdc5ff987fb3fc5db4040a58833fb150e686840e88c3f4479006e95aa04165d79fcbf7b51
d06f5373c80ae607
> type .\HOW_TO_DECRYPT.txt
~*~*~* The FLARE-ON Encryptor ~*~*~*
All your files have been encrypted with a powerful combination of
symmetric and asymmetric cryptography. Do not tamper with the encrypted files.
It is of no use and will only risk corrupting your data.
To get your files decrypted send lots of cryptocurrency over Tor.
You'll need to copy and paste us these values to get your key.
<
9f18776bd3e78835b5ea24259706d89cbe7b5a79010afb524609efada04d0d71170a83c853525888c942e0dd1988251dfdb3cd85e95ce22a5712fb5e
235dc5b6ffa3316b54166c55dd842101b1d77a41fdcc08a43019c218a8f8274e8164be2e857680c2b11554b8d593c2f13af2704e85847f80a1fc01b9
906e22baba2f82a1,
d6dded583d7ff6afa5a4ff8b6ea78903d2deeff0c998c68266d067d2a620134fc020cd6b34ea9c3788c7ce99f3e1745f6ea1379710180cf610cfed0a
6ab29553eef1697e994113cea91d95b6ad4ac302286615f3c8415371c291c122f4b2cb2daa2ea5f2cdda69d1c6c87e6ac39a16b685907a23a8859d67
13b77440ff4807b5,
4490457663481638b64d15563760f27d3f3e9fa80344ef785b8c2a21eb87e9ca695681f424fcf5e2e0bd49998e6ae79b40b729e053c9a58942abc4ce
ac8f9e4b860c68bb73b3dbd3783062da2df79ed4605a7ae5486b31733fb12cf24e4cb54fff1b28ed905d808d397017fe0754f29a083784b53cb20029
29899a08aae653c2>
3.6 The contents of the file SuspiciousFile.txt.Encrypted
.
I read the contents of the ciphertext that is the subject of the task:
> type .\SuspiciousFile.txt.Encrypted'
��ce�^�����‼�1:��m��4!F+o�0�*y��{f ��X☻=�¶k�`�♠HM�q�♠5�K�Q�♠�i+�%[
9f18776bd3e78835b5ea24259706d89cbe7b5a79010afb524609efada04d0d71170a83c853525888c942e0dd1988251dfdb3cd85e95ce22a5712fb5e
235dc5b6ffa3316b54166c55dd842101b1d77a41fdcc08a43019c218a8f8274e8164be2e857680c2b11554b8d593c2f13af2704e85847f80a1fc01b9
906e22baba2f82a1
dc425c720400e05a92eeb68d0313c84a978cbcf47474cbd9635eb353af864ea46221546a0f4d09aaa0885113e31db53b565c169c3606a241b569912a
9bf95c91afbc04528431fdcee6044781fbc8629b06f99a11b99c05836e47638bbd07a232c658129aeb094ddaf4c3ad34563ee926a87123bc669f71eb
6097e77c188b9bc9
8e678f043c0d8b8d3dff39b28ce9974ff7d4162473080b54eefaa6decb8827717c6b24edfff7063375b6588acf8eca35c2033ef8ebe721436de6f2f6
6569b03df8c5861a68e57118c9f854b2e62ca9871f7207fafa96aceba11ffd37b6c4dbf95b256184983bad407c7973e84b23cd22579dd25bf4c1a037
34d1a7b0dfdcfd44
5a04e95cd0e9bf0c8cdda2cbb0f50e7db8c89af791b4e88fd657237c1be4e6599bc4c80fd81bdb007e43743020a245d5f87df1c23c4d129b659f90ec
e2a5c22df1b60273741bf3694dd809d2c485030afdc6268431b2287c597239a8e922eb31174efcae47ea47104bc901cea0abb2cc9ef974d974f135ab
1f4899946428184c
3.7 Conclusions of the preliminary analysis
A comparative analysis of the files led to the following conclusions:
- The beginning of the file
.Encrypted
is a ciphertext. - The ciphertext is the same length as the plaintext
- Each of the
.Encrypted
files contains 4 strings of 256 characters. - It is likely that each of these strings represents a word of 128 bytes.
- Each
HOW_TO_DECRYPT.txt
file contains the first 3 128-byte words present in the corresponding.Encrypted
files. - In each of the
.Encrypted
files, the first 128-byte word is repeated (it was the same in each file). - The software does not require a key.
- The key or its element is shared for the encrypted files.
4. Static analysis
I have identified the most important functions:
Encryption with the ChaCha algorithm The special feature, which was a clue to the recognition of the algorithm, was the fixed initial state element of the ChaCha algorithm
expand 32-byte k
.Encryption with the RSA algorithm. The peculiarity, which was a clue to the recognition of the algorithm, was the quite frequently used exponent 0x10001 (65537) in the RSA algorithm
I also noticed that:
The drawn key of the symmetric algorithm was encrypted with the asymmetric algorithm. However, I did not know the exponent (sic!) and divisor n.
The fragment of the stored key (actually a string of key+nonce) always contained 4 bytes
0
.Analyzing the code, I determined that the data necessary for decryption therefore had to be stored in the
.Encrypted
file.
5. Reading the flag
So I developed a script that:
- determined the role of stored numbers (message, private key, divisor) in the RSA algorithm,
- decrypted the key of the ChaCha algorithm
- decrypted the file
import itertools
import malduck
def decode_chacha_state(initial_state):
hexed_initial_state = hex(initial_state)
initial_state = bytes.fromhex(hexed_initial_state[2::])[::-1]
key = initial_state[0:32]
nonce_start=32+4
nonce = initial_state[nonce_start:nonce_start+12]
return key,nonce
def get_ciphertext(filename, ciphertext_end_mark):
content = None
with open(filename, 'rb') as f:
content = f.read()
ciphertext_end = ''.join(chr(a) for a in content).index(ciphertext_end_mark)
ciphertext = content[0:ciphertext_end]
return ciphertext
def find_initial_state(numbers):
CONST_CHACHA_FRAGMENT = '00'*4
result = None
for permutation in itertools.permutations(numbers,r=3) :
m, e, n = permutation
initial_state = pow(m, e, n)
if CONST_CHACHA_FRAGMENT in hex(initial_state):
result = initial_state
break
return result
A = 0x9f18776bd3e78835b5ea24259706d89cbe7b5a79010afb524609efada04d0d71170a83c853525888c942e0dd1988251dfdb3cd85e95ce22a5712fb5e235dc5b6ffa3316b54166c55dd842101b1d77a41fdcc08a43019c218a8f8274e8164be2e857680c2b11554b8d593c2f13af2704e85847f80a1fc01b9906e22baba2f82a1
B = 0xdc425c720400e05a92eeb68d0313c84a978cbcf47474cbd9635eb353af864ea46221546a0f4d09aaa0885113e31db53b565c169c3606a241b569912a9bf95c91afbc04528431fdcee6044781fbc8629b06f99a11b99c05836e47638bbd07a232c658129aeb094ddaf4c3ad34563ee926a87123bc669f71eb6097e77c188b9bc9
C = 0x0c8e678f043c0d8b8d3dff39b28ce9974ff7d4162473080b54eefaa6decb8827717c6b24edfff7063375b6588acf8eca35c2033ef8ebe721436de6f2f66569b03df8c5861a68e57118c9f854b2e62ca9871f7207fafa96aceba11ffd37b6c4dbf95b256184983bad407c7973e84b23cd22579dd25bf4c1a03734d1a7b0dfdcfd44
D = 0x5a04e95cd0e9bf0c8cdda2cbb0f50e7db8c89af791b4e88fd657237c1be4e6599bc4c80fd81bdb007e43743020a245d5f87df1c23c4d129b659f90ece2a5c22df1b60273741bf3694dd809d2c485030afdc6268431b2287c597239a8e922eb31174efcae47ea47104bc901cea0abb2cc9ef974d974f135ab1f4899946428184c
E = 0x10001
numbers = [A, B, C, D, E]
initial_state = find_initial_state(numbers)
key,nonce = decode_chacha_state(initial_state)
ciphertext = get_ciphertext('./SuspiciousFile.txt.Encrypted', '9f18776bd3e78835b5ea24259706d8')
plaintext = malduck.chacha20.decrypt(key, ciphertext, nonce).decode()
print(plaintext)
After running the tool on the standard output, I read the message:
Hello!
The flag is:
R$A_$16n1n6_15_0pp0$17e_0f_3ncryp710n@flare-on.com
Thus, the flag is:
R$A_$16n1n6_15_0pp0$17e_0f_3ncryp710n@flare-on.com