Skip to main content
  1. Posts/

All-Army CyberStakes 4 - Cryptography (Really Senseless Admins)

·318 words·2 mins

Here, we are provided with two files: flag.enc, containing a very large decimal number, and params.txt, containing three decimal numbers, p, q, and e. Based on the challenge’s title (Really Senseless Admins), these numbers must be the parameters that generate the RSA private key which decrypts the flag. Using the tool provided by CrypTool, we can easily generate the key and decrypt the flag by simply copying and pasting the values into it. However, it’s still worthwhile to understand the underlying theory behind how RSA works, for both knowledge purposes and to help in a later challenge. You can read into it here.

After decrypting the message contained in flag.enc, we get a slightly smaller decimal number. One thing to remember is that all information contained in memory is stored as and can by represented by a number. Hexadecimal numbers are used since it’s easy to represent individual bytes of data with it. Every 4-bits of data are represented by one hex number, so a byte (8-bits) is represented by two hex numbers. For example, the string ABCDE is represented in hex as 0x4142434445.

We can also represent these hex numbers as a normal decimal number. If we convert the previous hex number into decimal, we can also write the string ABCDE as the number 280284578885. Keep in mind, this is an unusual way to represent strings since, unlike hex, a small change in any character will drastically change the entire decimal number. Changing the string to BBCDE causes it to become the number 284579546181, while its hex version simply sees a change in the first two places, 0x4242434445.

To get the flag, we just need to apply this principle in the reverse direction: Convert the decimal number into hex and then decode each byte into its character equivalent. We can easily perform this task by using CyberChef again.

Decimal Plaintext: 104873340459054924181115292546315913092670500490515826417481341
Hex Plaintext:     0x4143497b5072316d33735f54214d337a5f34373533393062367d
ASCII Plaintext:   ACI{Pr1m3s_T!M3z_475390b6}