Christian Leipold/ November 11, 2021/ IT-Security, Write-Ups/ 0Kommentare

DamCTF 2021



A hacker was too lazy to do proper encryption. However, they left us some examples of how their encryption "algo" was supposed to work.

original text : "Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum."

encoded: "Lpthq jrvym!frpos"vmt!cpit-"fsntgfxeuwu$aeksmsdkqk fnlx,!uhh eq#iivupsd!vhqppt#mndkgmdvpw$uu"oebpth$eu"gslpth$mbiqe bnluub0#Yt!gqmm!cg$mjplq wgqman.#uuju#rotvuyd!g{irdkwetjqq$umndqcp"oebptlw okvm vv#eljsxmp!g{$eb"fsmnqgs dqqwerwdx.!Fxms!cxxe!kuyrf"gslpt#mn!thtrfjhrdftlx jp#zomwsxaug#zemkw$etuh$cjnoym!frposg#iu!hxkibv#rumnd$pbtletvt1$Eyehttfwu$sjpw$odedicbv#guqkgetbv#roo"svojfhrt-"vynu"lr dwota!sxm phimcjc#hetguynu"pslmkw$aokp$ie"hwt!ndfoswp2"

Find the pattern!

Maybe you should try the same pattern on this string:


Make sure you wrap your solution with dam{...}!

It looked to me like some of the characters don´t change during the transformation. So I found out that the first char wasn’t changed, for the second they added one char (e.g. A->B) than two (e.g. A->C), three and four, and then there was a reset back to 0.

Plaintext:   AAAAA AAAAA
Key:           01234012340
Cyphertext: ABCDE BCDEF

There was a second plaintext to be transformed with that pattern:


When I saw the pattern, it was about half past 5 in the morning and because of a shortage of energy drinks in front of the keyboard at that time it was much easier to do it manually - at least I thought that.

And yes you´re absolutely right, I did the manual transformation about 5 times to get it right.
Next time a script is maybe the better solution, but we will see.
So finally, here is the dam flag: 😉



Share this Post

Hinterlasse einen Kommentar

Deine E-Mail-Adresse wird nicht veröffentlicht. Erforderliche Felder sind mit * markiert