Tags: bitflipping
Rating:
**Description**
> yeeeeeeeeeeeeeeeeeeeeeeeeeeeeeet
>
> single yeet yeeted with single yeet == 0
>
> yeeet
>
> what is yeet?
>
> yeet is yeet
>
> Yeetdate: yeeted yeet at yeet: 9:42 pm
**Files provided**
- [`ciphertext.txt`](https://github.com/Aurel300/empirectf/blob/master/writeups/2018-09-14-CSAW-CTF-Quals/files/babycrypto-ciphertext.txt)
**Solution**
If we decode the ciphertext with Base64, we see a lot of non-ASCII characters:
$ base64 -D < ciphertext.txt > b64dec.bin
$ xxd b64dec.bin
0000000: b39a 9091 df96 8cdf 9edf 8f8d 9098 8d9e ................
0000010: 9292 9a8d df88 9790 df9e 8c8f 968d 9a8c ................
0000020: df8b 90df 9c8d 9a9e 8b9a df8f 8d90 988d ................
0000030: 9e92 8cdf 8b97 9e8b df97 9a93 8fdf 8f9a ................
0000040: 908f 939a df9b 90df 939a 8c8c d1df b79a ................
0000050: df88 9e91 8b8c df8b 90df 8f8a 8bdf 9e8a ................
0000060: 8b90 929e 8b96 9091 df99 968d 8c8b d3df ................
0000070: 9e91 9bdf 8c9c 9e93 9e9d 9693 968b 86df ................
0000080: 9e93 9091 988c 969b 9ad1 dfb7 9adf 9b8d ................
0000090: 9a9e 928c df90 99df 9edf 8890 8d93 9bdf ................
00000a0: 8897 9a8d 9adf 8b97 9adf 9a91 9b93 9a8c ................
00000b0: 8cdf 9e91 9bdf 8b97 9adf 9691 9996 9196 ................
00000c0: 8b9a df9d 9a9c 9092 9adf 8d9a 9e93 968b ................
00000d0: 969a 8cdf 8b90 df92 9e91 9496 919b d3df ................
00000e0: 9e91 9bdf 8897 9a8d 9adf 8b97 9adf 8b8d ................
00000f0: 8a9a df89 9e93 8a9a df90 99df 9396 999a ................
0000100: df96 8cdf 8f8d 9a8c 9a8d 899a 9bd1 9993 ................
0000110: 9e98 849b 9699 9996 9ad2 979a 9393 929e ................
0000120: 91d2 98cf 8f97 cc8d 858d 9eb0 a6ce b59e ................
0000130: 93cb 9cb7 9eb9 a6c6 aca8 ad86 beae c99e ................
0000140: b782 ..
In fact, not a single byte is ASCII data - all the bytes are higher than `0x7F`. This indicates that the MSB (most significant bit) is `1` for all bytes. It also shows that this might not be the result of a "standard" cipher, which would (attempt to) distribute the values over the entire spectrum.
So an obvious possibility was that the MSB was simply set on all the bytes, and to decode we should ignore the byte:
```python
import sys
with open("b64dec.bin", "rb") as f:
encoded = f.read()
for c in encoded:
sys.stdout.write(chr(ord(c) & 0x7F))
```
This produces some more ASCII-looking data, but it is still not readable and the most common character seems to be `_`. An underscore is `0x5F`, and if we put back the MSB we ignored, that value is `0xDF`, or `0b11011111`. If this is English text, we would expect the most common character to be `0x20` (a space), which happens to be `0x20`, or `0b00100000`. All the bits are inverted, so let's see if this works:
```python
import sys
with open("b64dec.bin", "rb") as f:
encoded = f.read()
for c in encoded:
sys.stdout.write(chr(ord(c) ^ 0xFF))
```
And indeed:
$ python invertBits.py
> Leon is a programmer who aspires to create programs that help people do less. He wants to put automation first, and scalability alongside. He dreams of a world where the endless and the infinite become realities to mankind, and where the true value of life is preserved.flag{diffie-hellman-g0ph3rzraOY1Jal4cHaFY9SWRyAQ6aH}
The flag seems a bit unrelated.
`flag{diffie-hellman-g0ph3rzraOY1Jal4cHaFY9SWRyAQ6aH}`