hulksmash
2024-08-08 20:37:52 # TJ-CTF-2024

my friends password is keysmash…. :(… i got some of his old keysmashes tho…. he types kinda funny….

output.txt
keysmashes.txt
main.py

Here’s all the files:

keysmashes.txt 

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
fjdlska;sjfldka;
fldjs;akdka;flsj
d;flskajdlajf;sk
skflajd;a;djfksl
akd;sjflfja;dksl
flskd;ajs;fkajdl
fkald;sjaksldjf;
skd;ajflflajs;dk
fjs;dlakfkajd;sl
akfjdls;sldka;fj
fldjska;ajfkdls;
fjska;dla;slfjdk
s;fldjakdjfksla;
a;dkslfjdja;flsk
akf;djsldlf;skaj
sldjakf;a;fldksj
dlfka;sjskaldjf;
ska;djfls;akfldj

output.txt

1
ed05f1440f3ae5309a3125a91dfb0edef306e1a64d1c5f7d8cea88cdb7a0d7d66bb36860082a291138b48c5a6344c1ab

main.py

1
2
3
4
5
6
7
from Crypto.Cipher import AES
from Crypto.Util.Padding import pad

key = open("key.txt", "rb").read().strip()
flag = pad(open("flag.txt", "rb").read(), 16)
cipher = AES.new(key, AES.MODE_ECB)
open("output.txt", "w+").write(cipher.encrypt(flag).hex())

Basically, this challenge revolves entirely around using the keysmashes.txt file to figure out the key. I’m honestly a bit surprised this wasn’t solved that much, but I guess a lot of people just missed the patterns. There are two patterns you need to see:

  • The letters of each line in keysmashes.txt alternate from one letter in “asdf” and one in “jkl;”.

  • 2 of each byte of “asdfjkl;” is included in each line.

And… that’s it. Easy implementation from here on out: 

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
# f = open('keysmashes.txt', 'r').read().split('\n')

# chars = 'asdfjkl;'
# for i in f:
#     counts = []
#     for c in chars:
#         counts.append(i.count(c))
#     print(counts)

import random
from tqdm import trange
from Crypto.Cipher import AES
from binascii import *

even = list('asdf'*2)
odd = list('jkl;'*2)

def key_gen():
    key = ''
    for i in range(16):
        if i % 2 == 0:
            key += even[i//2]
        else:
            key += odd[i//2]
    random.shuffle(even)
    random.shuffle(odd)
    return key.encode()

ct = unhexlify('ed05f1440f3ae5309a3125a91dfb0edef306e1a64d1c5f7d8cea88cdb7a0d7d66bb36860082a291138b48c5a6344c1ab')

for i in trange(479001600//2**7):
    key = key_gen()
    cipher = AES.new(key, AES.MODE_ECB)
    pt = cipher.decrypt(ct)
    try:
        print(pt.decode('ascii'))
    except:
        pass
tjctf{low_entropy_keysmashuiyf8sa8uDYF987&^*&^}
Prev
2024-08-08 20:37:52 # TJ-CTF-2024
Next