~# cat Question

I just learnt about encrypting important texts! I always saw that encrypted texts came in a bunch of random numbers and bytes. So, I decided to make my own encryption algorithm. This is so secure, the cipher text looks so random!!! Nobody can figure out my encryption!

FILE: dist.zip

cipher.txt

Õɱ˜´lCÚÉ¡ÅÙoXbS³ä
˜ ê T2<£V˜Ëì%+Ó³V
4LŽÀÁ•‹
«üS±»'ùÿ$©
Ë>¿¨ûƒ·˜Â$«i—£·kg

ÿy㔐*槐,vFm¹-(p­T
¸à—Ñ´G©¤ê!T¹Ý¤:ÕÉd
„§û0–0¡Äô´ë
qî¸'k
3÷Ðo X³‚4¹|ÜÍG—€×)Õ
¸à—Ñ´G©¤ê!T¹Ý¤:ÕÉd
ÌcCï÷KÄ ‚…«©m1Ù§¤–
㎛ÁgÎnTò©ÚÉ0·mõÚ‡
ÌcCï÷KÄ ‚…«©m1Ù§¤–
Ž57ÿNóKxK\Ñ
4ζÕcc
)›7‘iú[ò/ñ([tZa
ÒaUy*ââ¤Ç’Ì2!ß[‡¦
ÌcCï÷KÄ ‚…«©m1Ù§¤–
ª©±’Cw‚;´…û8(Ö+÷Ýkº
?2á³´ky©òœß%H¿"Éò
ÌcCï÷KÄ ‚…«©m1Ù§¤–
NFä³zõÅq³z“ùÍýþ»
—j¼tÚ4
®"¯mt¼Î4i"
è
tݓ
v¹™Ø;¯|Á
ÌË
ÌcCï÷KÄ ‚…«©m1Ù§¤–
iÊ%±rÿ`DŒ.™¯ 5S
èÀcÖ¼Í[g8ûöÕEÞçÀª
f¾=!ÃH,¦šh:„šý$Ϙ¥
Î%0+‘-íò&ñºì½£°®åïÝ
™”ÍïëɲXÄ®1D/Ú)µùŽ
Ûâgåõ	p†ôÒMÕ	’yR°î|
]twÛ;™áAÃK¿?àrÀ=Ù{

encrypt.py

import hashlib
from binascii import hexlify

def xor(a, b):
    res = bytes([i ^ j for i, j in zip(a,b)])
    return res

def main():
    flag = "flag{<REDACTED>}"
    hashy = [hashlib.sha1(i.encode()).digest() for i in flag]
    key = [hashy[i] for i in range(4)]
    for i in key:
        for j in range(len(hashy)):
            hashy[j] = xor(i, hashy[j])

    with open("cipher.txt", "wb") as f:
        for i in hashy:
            f.write(i)
            f.write("\r\n".encode())

main()

Understanding the encrypt script

The script hashes each character of the plaintext (flag) using SHA-1, and then uses the resulting hash values to XOR the plaintext.

1. Hashing: For each character in the plaintext, the script calculates the SHA-1 hash value of that character. This results in a list of hash values, one for each character in the plaintext.

2. Key Generation: It then selects the first four hash values from the list (key = [hashy[i] for i in range(4)]) to use as the XOR keys.

3. XOR Encryption: It then iterates through all the hash values (hashy list) and XORs each hash value with one of the selected keys. This XOR operation changes the value of each hash, encrypting the plaintext.

Decrypting the cipher text

import hashlib
from binascii import hexlify

def xor(a, b):
    res = bytes([i ^ j for i, j in zip(a,b)])
    return res

with open("cipher.txt", "rb") as f:
    raw = f.read()

print(raw)
raw2 = []
z = b""
for i in range(len(raw)):
    if raw[i:i + 2] != b"\r\n" and raw[i - 1:i + 1] != b"\r\n":
        z += bytes([raw[i]])
    else:
        if len(z) > 0:
            raw2.append(z)
        z = b""

key = [raw2[i] for i in range(4)]
for i in key:
    for j in range(len(raw2)):
        raw2[j] = xor(i, raw2[j])

for i in range(len(raw2)):
    for j in range(256):
        if hashlib.sha1(chr(j).encode()).digest() == raw2[i]:
            raw2[i] = chr(j)

print("".join(raw2))

1. Reading the File: The script reads the contents of cipher.txt into the raw variable.

2. Extracting Encrypted Hashes: It then processes the raw data byte by byte to extract the encrypted hash values. It ignores any newline characters (\r) and groups consecutive non-newline bytes together, assuming they form an encrypted hash.

3. Key Generation: It selects the first four extracted hash values (key = [raw2[i] for i in range(4)]) to use as keys for XOR decryption.

4. XOR Decryption: It iterates through all the extracted hash values (raw2 list) and XORs each hash value with one of the selected keys. This XOR operation should result in the original SHA-1 hash values.

5. Hash Value Decoding: For each decrypted hash value, it iterates through all possible ASCII characters (0-255) and calculates the SHA-1 hash of each character. If the calculated hash matches the decrypted hash value, we can assume that the character was the original plaintext character used to generate the hash.

6. Reconstructing Plaintext: It constructs the original plaintext by concatenating all the identified characters together.

In short, the script extracts the encrypted hash values, decrypts them using the provided keys, and converts the decrypted hash values back to the original plaintext.

Flag: flag{h45h_&_x0r_1s_nO7_S3cuRE}