FireShell CTF 2019: Crytpo – Alphabet
This challenge provided the following introduction:
“If you know your keyboard, you know the flag”
And the following zip file:
The zip file contains a text file that appears to contains hex strings that appear to be separated by spaces. Changing the spaces to new lines, the hexes appear to possibly be hashes, and a quick Google showed the initial hashes were SHA256 of individual characters
| Hash | Type | Hashed Value |
| 72dfcfb0c470ac255cde83fb8fe38de8a128188e03ea5ba5b2a93adbea1062fa | SHA256 | L |
| 65c74c15a686187bb6bbf9958f494fc6b80068034a659a9ad44991b08c58f2d2 | SHA256 | o |
| 454349e422f05297191ead13e21d3db520e5abef52055e4964b82fb213f593a1 | SHA256 | r |
| 3f79bb7b435b05321651daefd374cdc681dc06faa65e374e38337b88ca046dea | SHA256 | e |
| 6f8f57715090da2632453988d9a1501b | MD5 | m |
| b14a7b8059d9c055954c92674ce60032 | MD5 | _ |
| 865c0c0b4ab0e063e5caa3387c1a8741 | MD5 | i |
The following python script was created to parse the whole file:
import hashlib
import string
sha256_lookup = {}
md5_lookup = {}
# Create SHA256 & MD5 hash lookup tables for all printable characters
for x in string.printable:
sha256_lookup[hashlib.sha256(x.encode("utf-8")).hexdigest()] = x
md5_lookup[hashlib.md5(x.encode("utf-8")).hexdigest()] = x
with open('submit_the_flag_that_is_here.txt','r') as f:
output = f.read()
array = output.split(" ")
for x in array:
if x in sha256_lookup:
print(sha256_lookup[x],end="")
elif x in md5_lookup:
print(md5_lookup[x],end="")
else:
print("Missing %s" % x)
Which created the following very long output, which we could then search for flag format prefix “F#{“:
Lorem_ipsum_dolor_sit_amet,consectetur_adipiscing_elit._Nunc_massa_risus<…snip…>
_Congratulations!_T#e_Flag_Is_F#{Y3aH_Y0u_kN0w_mD5_4Nd_Sh4256}_Donec_facilisis
<…snip…>
This provided us with the flag:
F#{Y3aH_Y0u_kN0w_mD5_4Nd_Sh4256}