Score:0

How can I decrypt an RC4 encrypted text when knowing the first 8 characters of the plain text secret?

cn flag

I'm having difficulty decrypting a secret message as a part of a CTF and I was wondering how could I decrypt an encrypted text that has been encrypted with pycrypto RC4 and when the first 8 characters of the plain text secret are know. Here is the secret that is in the code:

secret = b'Sff3az11oTAChXcnaCvx2i/P7pZWLMPWX7xV0zxFY2XYRhqbik8bS6kQOymHYi3j0ZoP4NFLTtJHR8iXFtljDcDpoFeEnZU0KqQNYPR+ovQ9eQ2iNE0+yCl3+5gLKp838zH26Wdu/N1rr43fYIahah2OxpahqpG/7RmUbhjpSttu+UFk0lytQOM82IIo8B1aPgbBVFNJIxb1f+UQIcUHksW5aG8nQq3/4XNYvMAN2wCWsigvGJAalXShoiA3YSGQCVrMyOlKaJteeU9aehYXzzHyNGEcz1twpVJwfSB/rJ/gYtVh44locd+oCfuKP2UkvFF/PkRm5Cg4Ps1Nn0GBWFzKNR7zwVlQQSx7xEF6yEpR7YH5otNdK55/+LgjXREAR6oD91xL0uY1FossRnAZFag3NxW17wEpeGUwS5yw9GwnB6lhy3jnmZpS2FIRJkl6r6RMXCBIC6lTj0IGm87dNygmoB3pi98exSFsT+l+gFtij36HQp5BOE3UsDz8prfvjM7KQsSI4xWCwC7H+q0MxZXGdfOWlWaYxEJigQ11N53+DUResbWpMA2cwDeLhDIuou2YP90EryOrvvL512FVQWiYblE983sDpRUvtY+jYQuYAu8qeSCA5yRXT//EMZC0z6QaLavZUnZqA54JilNxiZydK9ib46A+cHgKeq7yh1eIKiMph7uMuH67Y9tcDRVMQd5aACmEYSejkCggRoNVkVn+xYsf2nadJ03+L0D33IXGDesbgPciW6bBrvMQn4XG7WB8DR/7i28DhHnBWNtpDmZ196hWa5ANxS89LHeBZA/cazb/8YVRFVKiewjgsHwdncR722uL+isklguTa6C+JS+hhr476Wccf+Ey7R4D7SFnZ+hiUPYMXcmerGpGn2HJE3aalKxgatbL+LhEqwNJFYrT63hbDDJ6GSUCjULQlq39jdOcRCPMM0Mss+Df5pSw/aavrtsCDsTx2w6FS599LARBdHeyJHPZfvFaADiV7GCEJwIfSPGO7hiqjLzr9WAa8NIkRJ7yJhv5LAViU3VH5R+FclJ8VA34J3jyagTHOeyBMWGdZeA81g43mEWZJWQV2gIqhu6bwfWk+abNRcr1NQ4GUVIEN/HcAKh6fsDF569PRnuVvjnvCS6P1xiJZwyAP3PiDElIsIJ+dL5CIAcn8PV5SPyBDn7CJ1LRnqni+9dUMx450FOqnPJYeDSq/r4i3rDGrYfz0ti1AmgYecxVbpbToplMCEd/TFDJiYJdsVbVRwJeLGSBeF/ULfo6oqpz70Gnhv/Q2es8kVrOJId7Ktfwy5N+sTdqg1wTuHCly3mGihROW5Ye+dFPNRU/B/OlRz76UpbQjzaui7ZJhWU6ub+cg3ODriW7sBCIUrk8O3//jd7BaUvhSrxx9O9DNvttnkAeGmYjCOZkTmkTg5Cre/0D5+VQBiHCmh6ntSOcwK6PJIsbexcjRxbJQbXVTtXcWqp8kLbD4po5uT5I4doFNFJM8VwARvGIbaAPMs1Xu01d2tKITCo1nySck+FbaM9Qx39VpTkkS2BeGZygWHMtWdfOC/Td3Tsr+FVWNp+yX16HR3UOkhB7wjBEQmRC5kpK6SN0mY/OY1FUeAN82gLyQw5Yks1tcq8vLQ06tEGnCC0bacEhYTZFAWjsfjtMQd+1yk862UTTfJng3fYfL2AnDiRVtM/wzCGbjVumtQsD4Ktrac63nvWD1BQDV1z0VHzUiQ4syLdH2I67duc/pK9HpvBN/6biexczLSXxAXtIFQh0vdlS1oO8CR8WlDbxmD+aoP25dJpab5uYnJC9JkexB6oWnBZm0viRapmy8JGJe00880SZLLfiAvUevJYskrkw2HbP+Lje2/w/Z3yuLIgGiuc/6VBdX5iPk5Z1cs19co7agQXeRFeiXivr6psZu6Y1L3lW1tZCeNx00MGK+Uw7zJ8Qe8JjysKM0S+OV6u4kZsqQx1/kfBVkTQrKFd10hmGO3Uyz3hSXb1PHvTDuBa8nhzjL3fkWmFA7a4a7ABghBiyLcvP3dTWTZ+7Nz4ghYJdm4Wb0J30fZ/cZr+8WZzi2W5767pktvcGiXuLJSVo6f3BuEvjyFS0BYMp9viFjyeSzDRnFUkp1f+s55HK0bTibgDKDAHPegibTAPCaoiaeaNBbYSePJRiXgkCm0bQWEYMGc1BQQlnenfHmEL6U0GXB6SPxQxIAxHpP5sIWl4sMJ8+EfWkPKPuOOAy8oiidAXQD7Drdodi2W15qZcJvAZ+NMks98xFDPwMpX7Jq49upYz1tFFFr+saFgN52ZKGJCv9P0jQL2PyLvgVVHwBeWVOxKmLOFw+7ltTSGryCr7f9D9L4M/tRkrXNo0Fa/7+N4kAevmhFJ8vOQMRrYZ+yOINB0Cy66pbTC62Gz4xl87I+SZzrCPafEKti2taE6Dqmv4FWK82ZvlHOLV/U47a2eN7ESylrGb/VYY9eRdCSBDpT1LfCz0qKvHlN4C5JmBclsXGefRpJO+Vw9Xxc0G7mmqBx1vvNESuDGzFbsyshoY/usM3MkQWyDfITgD1Qvoqyv9lygHIobckR0Hx+O6JSAjAbv/a8S2xSecQVUa9GbGaZBzeot3p0Uwtpvpy7L8bVAhLvH7dGHwxoc7BNYz+IefKVzNWHm9BovALTt3uyhr/HzdldM+se2zW9OrUxRjFrnSF/AJHoAGUT20g5u5hQCJnMjba28vtUz3zFH65WyIjmqv6Vm8eDm7oSUOhZkDFyRV5x+xdYZUNWZS1D7cHVW0FMy0yO7FrYnwMWC2DrAOHCexJtkvT+nDHr8cMNkctWovwSsdgwLsJwFPwiqN2wqitO7wmi7yizcO/keuCzdJh4Vs64tRZi8TLNt6OTNWLzI3TfMeiY0/5rU8bQuU3YbRL0L1neQKF87Vzz28d9ifiQhmPectf1FpRzdEA5uGI7SBrOUVvYq/Co3AXcvA8wkpvGuYa9DNCnFH/R4IP3ug7bUZHfFUKUs2EcZ0TsM9Ceco/q70VL8rsBvl7N0fSO4mCFZVAKRNG6ZMzfXqY40OuD5TdJ3rgIVX9Y0T3d8D+FlWK/pDXeZY2egEwEiFRzAoWgj/oOJHBDr2F80XIDsVcRLeSPontP6WEl9woWURpan2Ysipv5ehjAPFgDMQYTyyZkYM0a3J+Mh1hQfqbTUycrJh9t6Dxc6nId5pkFX13pUnlXsghdmLc4+ezy5iE55SO8oK93MuFUMo0E5A+B/amsfGgBiQa90C7XXClX3UXtPm4cpYQ6GRQT+cND5VoGiDrEycqXVntRWWJDMPRnhxBC4nP9CL/2jEukiFeOT6n3FLrJZM2KhsVq9g='

and here are the first 8 characters of the decrypted text: VQ0NCgAA

Also here is the full provided code for anyone wondering:

import base64
import marshal
import io
from Crypto.Cipher import ARC4
key = input('Enter correct key: ').encode('utf8')
cipher = ARC4.new(key)
secret = b' ---- snip -----'
plain = cipher.decrypt(base64.b64decode(secret))
if b'VQ0NCgAA' == plain[:8]:
    print('Correct')
    bytescode = io.BytesIO(base64.urlsafe_b64decode(plain))
    bytescode.seek(16)
    implant = marshal.load(bytescode)
    exec(implant)
else:
    print('Wrong')

Sorry if this is a noob question but I'm new to cryptography and really curious on how something like this can be achieved.

Score:1
ar flag

The obvious approach would be to brute force it. Maybe the key is short, or something like a dictionary word. At least I can't think of any better way.

Ps. Once you do find the key, I hope you're not going to run that code without modifying it first. If the prefix matches, it will load and execute whatever code is in the encrypted payload. Do you absolutely 100% trust it not to wreck you system or install a hidden backdoor? I wouldn't…

cn flag
yes i did try it against the rockyou.txt word list. Should I try it against other wordlists as well or should i try random strings? And yes don't worry, I did change the script to only print out the output and not execute it
Score:0
in flag

The answer seems to be to find the correct key. Maybe you should try harder?

I found one key that produces the desired plaintext, the implant printed out R0VOWntoMG5leV9oMG5leV9oMG5leV9wMHRfZnVsbF9vZl9tMG5leX0K However, this seems like that it is just junk. Maybe there are also other answers.

mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.