Vignere Cipher | "Salad Upgrade" (Hackcon2018 CTF)
Skills:
Ethical Hacking & Pen Testing70%
Key Takeaways
Applies Vignere cipher to solve Hackcon2018 CTF challenge 'Salad Upgrade'
Full Transcript
this is a video run up for the challenge salad upgrades from hack on 2018 challenge prompt is sure I could toss them all using one just one shift but am I gonna and it gives us a ciphertext right here so we can go ahead and copy this and start to work with it I will go ahead and check if it is a Caesar cipher just as we saw in a previous challenge we can go ahead and look through some other keys with just a simple for I in and bash bring it to all the numbers in the alphabet go ahead and echo that into Caesar with the value that we're looking for however it doesn't look like that it is a Caesar cipher race you know the flag formats in here so what I did moving on from this is trying to figure out what other cipher it may be since it's saying it's using not just one shift assumingly we can determine that it may be a venire cipher so I tried to track down some code that I've written in a previous competition you can see some of the stuff from TJC TFI videos on that if you would like to check them out let's go ahead and subl that and just take a look at what we have to work with we do want the flag that we have given in cipher text paste it in here to work with and let's try and see what we can do considering we should know what the first part of the flag should be in this case we could probably track down that dart code curly braces portion and determine what it should really actually be let's just use the key assuming we want to work backwards so let's just use dark and let's take the first four letters here and let's see if we can get it to decrypt we don't need all this code from the previous CTF but we can take a look if we are decrypting that message with the key pasted that oh I have a fail substring not found and that is because we are working with numbers and we can actually determine rather than removing punctuation let's actually keep some of that stuff and the numbers let's just determine if we get a key error just like that as we'd seen we can go ahead and append to the original old character like just use the cipher letter in that case or we want the compressed message number because cyfle error is not there now when you run this okay we've got a value B for de and I thought that was kind of I started that for a while and some people that I was working with on my team again if you want to hang out with other CTF players hackers and programmers please join the discord server we always team up for games like this link in the description be for de it looked like that for was out of place but just because of the flag format so maybe it was actually meant to be AC in which case we have BCDE so I'm assuming that that is potentially just the start of the alphabet just kind of shifted as we'd seen before so that gives us dark and now we can add on the rest of the alphabet if we wanted to or the holy goodness look do I know the alphabet right here cool we could have just imported that or use it from string just shifted it if we wanted to but typing it out was easy and fine for that then we'll use the rest of the message and we get okay I totally did mess up what alphabet meadow did I miss oh I moved x and y my bad all right cool now we have the flag this is rotation code and we can go ahead and save this as our get flag script cool and yeah let's go back to save what we had from the original message so now we could submit that flag if we particularly wanted to however the challenge is over so unfortunately we don't need to but we can just mark this challenge as complete and that's been some handy venire cipher code and if you want to take a look at that let me check out the TJ CTF video where I go ahead and write it and it takes some time so quick shout out to the people that support me on patreon thank you guys so much $1 a month on patreon I'll give you a special shout out just like this at the end of every video more than five dollars a month on patron will give you early access to everything that I release on YouTube before it goes live because I normally schedule things and record in bulk at cetera et cetera please do join our discord server link in the description again we always play CTF as a team we just like work together and it's an awesome collaborative community CTF players programmers is a really cool place to hang out I hope to see you guys on patreon please fingers crossed need a foot put on the table need to put food on the table I'm bad at talking and I'll see you in the next video thanks
Original Description
If you would like to support me, please like, comment & subscribe, and check me out on Patreon: https://patreon.com/johnhammond010
E-mail: johnhammond010@gmail.com
PayPal: http://paypal.me/johnhammond010
GitHub: https://github.com/JohnHammond
Site: http://www.johnhammond.org
Twitter: https://twitter.com/_johnhammond
Watch on YouTube ↗
(saves to browser)
Sign in to unlock AI tutor explanation · ⚡30
Playlist
Uploads from John Hammond · John Hammond · 0 of 60
← Previous
Next →
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
Code Commentaries? PHP to JavaScript in Bash and PHP!
John Hammond
Tutorials? MySQL connection with PHP and Bash!
John Hammond
Variable Naming in Python! Happy Birthday, Linux! Nokia N900!
John Hammond
JavaScript Splits The URL!
John Hammond
HTML Tables in Python!
John Hammond
HTML, Net Shares, GML!
John Hammond
Python 08 Programming Style and Comments
John Hammond
Python 26 Object Oriented Programming
John Hammond
75 Python Tutorials, Out Now!
John Hammond
Batch 14 Mathematical Expressions
John Hammond
Batch 85 Array Append
John Hammond
Batch 86 Array Count
John Hammond
Batch 87 Array Index
John Hammond
Batch 88 Array Insert
John Hammond
Batch 89 Array Remove
John Hammond
Batch 90 Array Reverse
John Hammond
Python [colorama] 00 Installing on Linux
John Hammond
Python [colorama] 09 Cursor Position
John Hammond
Python [hashlib] 02 Algorithms
John Hammond
Python 00 Installing IDLE on Linux
John Hammond
Python [pygame] 11 Rectangular Collision Detection
John Hammond
Python [pygame] 12 Platforming Rectangular Collision Resolution
John Hammond
Python [XML-RPC] 01 Research
John Hammond
Python [pyenchant] 03 Personal Word Lists
John Hammond
FancyURLopener Authentication and User-Agent [urllib] 03
John Hammond
Python 04: PEP8 Coding
John Hammond
Python Challenge! 17 COOKIES
John Hammond
Google CTF 2016: Ernst Echidna
John Hammond
Google CTF 2016: Spotted Quoll
John Hammond
Google CTF 2016: Can you Repo It?
John Hammond
Google CTF 2016: No Big Deal
John Hammond
Google CTF 2016: In Recorded Conversation
John Hammond
Homemade CTF Challenge: 01 "Orchestra"
John Hammond
Homemade CTF Challenge: 02 "Bae's Base"
John Hammond
Homemade CTF Challenge: 03 "Web Hunt"
John Hammond
Homemade CTF Challenge: 04 "UPX"
John Hammond
Homemade CTF Challenge: 05 "The Assumption Song"
John Hammond
Homemade CTF Challenge: 06 "A Brisk Stroll"
John Hammond
Homemade CTF Challenge: 06 "I lost my password!"
John Hammond
web25 :: Mr. Robot : EKOPARTY CTF 2016
John Hammond
web50 : RFC 7230 :: EKOPARTY CTF 2016
John Hammond
misc50 : Hidden inside EKO :: EKOPARTY CTF 2016
John Hammond
Hack The Vote 2016 CTF: Sander's Fan Club [web100]
John Hammond
Hack The Vote 2016 CTF Warpspeed [forensics150]
John Hammond
Juniors CTF 2016 :: Black Suprematic Square
John Hammond
Juniors CTF 2016 :: Six Strange Tales
John Hammond
Juniors CTF 2016 :: Lost Code
John Hammond
Juniors CTF 2016 :: Here Goes!
John Hammond
Juniors CTF 2016 :: Southern Cross
John Hammond
Juniors CTF 2016 :: Clone Attack
John Hammond
Juniors CTF 2016 :: Dirty Repo
John Hammond
Juniors CTF 2016 :: Hackers Blog
John Hammond
Juniors CTF 2016 :: Voting!!!
John Hammond
Juniors CTF 2016 :: The Good, The Bad and The Junkman
John Hammond
Juniors CTF 2016 :: Stop Thief!
John Hammond
Juniors CTF 2016 :: ROFL
John Hammond
Juniors CTF 2016 :: Restriced Area
John Hammond
Juniors CTF 2016 :: Oh SSH!
John Hammond
HackCon CTF 2017 TRIVIA and BONUS Challenges
John Hammond
HackCon CTF 2017 "Bacche" Challenges
John Hammond
Related Reads
📰
📰
📰
📰
Stop Using 'password123': A Developer's Guide to Strong Passwords
Dev.to · zhihu wu
Zero-Day Market: Why Developer Due Diligence Matters
Dev.to · Frank
XSS— TryHackMe
Medium · Cybersecurity
Social Discovery Group’s Announcement: A Communication That Raises Questions About Transparency and…
Medium · Cybersecurity
🎓
Tutor Explanation
DeepCamp AI