Encodings, shift cipher, brute hashes and picture creation using PIL python. Problem solving with r0ot-mi Cryto. Part 1

image



This article contains solutions of Encoding ASCII and Encoding UU tasks aimed at encoding, Hash Message Digest 5 and Hash SHA-2 - to find the prototype of the hash, Shift cipher - shift cipher, and Pixel Madness - to compose the picture.



Organizational Information
Especially for those who want to learn something new and develop in any of the areas of information and computer security, I will write and talk about the following categories:



  • PWN;
  • cryptography (Crypto);
  • network technologies (Network);
  • reverse (Reverse Engineering);
  • steganography (Stegano);
  • search and exploitation of WEB vulnerabilities.


In addition to this, I will share my experience in computer forensics, analysis of malware and firmware, attacks on wireless networks and local area networks, conducting pentests and writing exploits.



So that you can find out about new articles, software and other information, I created a channel in Telegram and a group to discuss any issues in the field of ICD. Also, I will personally consider your personal requests, questions, suggestions and recommendations personally and will answer everyone .



All information is provided for educational purposes only. The author of this document does not bear any responsibility for any damage caused to anyone as a result of using knowledge and methods obtained as a result of studying this document.



Encoding - ASCII



Let's start with the very first job - Encoding-ASCII.



image



We pass to the task itself. We see a sequence of 16th characters. The very first assumption is a regular hex (all characters are presented in the 16th form).



image



s = "4C6520666C6167206465206365206368616C6C656E6765206573743A203261633337363438316165353436636436383964356239313237356433323465" s.decode("hex")
      
      





image



We get the answer and move on.



Encoding - UU



image



We pass to the task itself. Even despite the hint in the name of the task, it is easy to distinguish files in UUE (encoding for transferring files containing non-textual data) - they start from the line:



 Begin_--_-
      
      





image



 s = '''begin 644 root-me_challenge_uudeview B5F5R>2!S:6UP;&4@.RD*4$%34R`](%5,5%)!4TE-4$Q%"@`` ` end''' f = open('./uu.enc', 'w') f.write(s) f.close() import uu uu.decode('uu.enc', 'uu.dec') ans = open('uu.dec', 'r').read()
      
      





image



We hand over the flag.



Hash - Message Digest 5



image



We are asked to find the prototype for the md5 hash. This can be easily done using this site (https://md5decrypt.net/). But we, for training purposes, of course, use hashcat. To do this, use the following parameters and codes:





image



We proceed to the next task.



Hash - SHA-2



image



As an answer, you need to give the SHA1 hash from the inverse image of this hash. The fact is that this is an extra character.



image



Delete it. In order to determine the hashing algorithm, we use the hashid program.



image



Of the presented algorithms, the most likely SHA-256. Hashcat showed how to solve such a task using hashcat, now we will do it using this

site .



image



It remains to take SHA-1 from this line.



 from hashlib import * sha1('4dM1n').hexdigest()
      
      





image



Shift cipher



image



Well, with the encryption algorithm, they help us. The same Caesar Cipher, only the shift does not occur in the range from zero to the length of the alphabet, but according to all possible 256 values โ€‹โ€‹of one byte. We will write a program that first shifts each character by 1, then by 2, etc. up to 255.



 s = open('ch7.bin', 'r').read() for x in range(255): โ€œโ€.join( chr((ord(y) + x)%256 ) ) for y in s)
      
      





image



Among the lines we find the one that contains the answer.



image



Pixel madness



image



We are given several expressions, and in the end they say that 0 is white and 1 is black. Most likely the result should be a picture. I suppose that in the expression you need not to multiply, but to repeat the required number of times a certain character.



You can quickly execute an expression using the eval function, but first you need to change the format 0x1 to '0' * 1.



 s = ''''0x3+1x1+0x1+0x1+0x7+1x2+0x15+1x1+0x8+1x1+0x8+1x1+0x1+1x1+0x1+1x1+0x1+1x1+0x1+1x1+0x3+1x1+0x1+1x1+0x3+1x1+0x1+1x4+0x2+1x1+0x25 '0x2+1x1+0x4+1x1+0x4+1x3+0x1+1x2+0x2+1x8+0x11+1x4+0x1+1x3+0x6+1x2+0x4+1x1+0x4+1x2+0x7+1x4+0x4+1x2+0x7+1x2+0x3+1x2+0x3 '0x3+1x1+0x2+1x1+0x2+1x1+0x11+1x2+0x2+1x3+0x7+1x1+0x4+1x2+0x2+1x2+0x7+1x1+0x6+1x1+0x2+1x1+0x4+1x3+0x1+1x1+0x4+1x1+0x2+1x1+0x2+1x1+0x3+1x1+0x2+1x3+0x2+1x2+0x3 '1x1+0x2+1x1+0x4+1x1+0x2+1x1+0x1+1x1+0x2+1x1+0x2+1x1+0x1+1x2+0x2+1x2+0x1+1x2+0x3+1x1+0x3+1x1+0x2+1x2+0x1+1x3+0x3+1x1+0x2+1x1+0x4+1x2+0x1+1x1+0x4+1x1+0x3+1x2+0x12+1x2+0x1+1x1+0x3+1x7+0x3 '0x3+1x1+0x7+1x1+0x1+1x1+0x4+1x1+0x2+1x2+0x2+1x2+0x4+1x1+0x2+1x1+0x1+1x2+0x1+1x8+0x1+1x1+0x4+1x1+0x5+1x1+0x3+1x2+0x2+1x1+0x1+1x2+0x2+1x1+0x3+1x2+0x9+1x1+0x1+1x2+0x2+1x3+0x2+1x1 '0x7+1x1+0x4+1x1+0x4+1x1+0x1+1x1+0x1+1x7+0x3+1x1+0x1+1x2+0x3+1x1+0x1+1x6+0x1+1x1+0x3+1x1+0x2+1x1+0x14+1x2+0x8+1x1+0x10+1x2+0x3+1x2+0x1+1x1+0x1 '0x6+1x5+0x4+1x1+0x7+1x1+0x2+1x1+0x3+1x2+0x4+1x1+0x8+1x1+0x3+1x2+0x1+1x2+0x3+1x1+0x8+1x1+0x2+1x2+0x1+1x1+0x3+1x7+0x5+1x2+0x2+1x1+0x2+1x2+0x3 '0x1+1x1+0x2+1x1+0x1+1x2+0x5+1x1+0x6+1x2+0x3+1x1+0x2+1x1+0x1+1x2+0x20+1x8+0x1+1x1+0x1+1x1+0x4+1x2+0x3+1x1+0x2+1x2+0x3+1x2+0x7+1x2+0x3+1x2+0x4 '0x2+1x1+0x3+1x5+0x5+1x2+0x7+1x1+0x4+1x2+0x2+1x1+0x2+1x2+0x1+1x1+0x3+1x1+0x6+1x2+0x2+1x2+0x3+1x2+0x2+1x3+0x1+1x1+0x6+1x3+0x3+1x5+0x3+1x1+0x4+1x1+0x5 '0x4+1x2+0x3+1x2+0x3+1x1+0x5+1x2+0x2+1x1+0x1+1x1+0x1+1x1+0x1+1x2+0x9+1x1+0x3+1x1+0x2+1x1+0x1+1x1+0x2+1x1+0x1+1x2+0x2+1x1+0x2+1x1+0x1+1x1+0x4+1x3+0x1+1x1+0x2+1x2+0x3+1x2+0x3+1x1+0x5+1x1+0x4+1x1+0x2 '0x6+1x5+0x4+1x1+0x1+1x1+0x2+1x2+0x6+1x1+0x1+1x7+0x4+1x3+0x3+1x1+0x4+1x1+0x2+1x2+0x4+1x1+0x6+1x1+0x6+1x8+0x3+1x1+0x5+1x1+0x7 '0x2+1x1+0x3+1x6+0x4+1x1+0x1+1x3+0x4+1x1+0x2+1x2+0x4+1x1+0x5+1x1+0x2+1x1+0x3+1x2+0x3+1x1+0x2+1x3+0x1+1x1+0x2+1x2+0x3+1x3+0x2+1x3+0x9+1x1+0x4+1x2+0x7+1x2''' s = s.replace("x", "'*").replace("+","+'") examp = s.split('\n') bits = [eval(i) for i in examp] print(bits)
      
      





image



Now create a picture using the PIL library. Let's add the following code, edit it and open the resulting picture.



 from PIL import Image width, height = len(bits[0]), len(bits) pic = Image.new('RGB', (width, height)) pix = pic.load() for i in range(height): for j in range(width): pix[j,i] = ( bits[i][j]=='0' and (255,255,255) or (0,0,0) ) pic.save('pixel.png')
      
      





image



I zoomed in on the picture, read the word SOLUTION. In fact, there are more stegs than crypts. This article will be interesting, most likely, only to beginners.



Further more and more complicated ... You can join us on Telegram . There you can propose your own topics and vote on the choice of topics for the following articles.



All Articles