FireShell CTF 2019: Crytpo – Alphabet

This challenge provided the following introduction:

“If you know your keyboard, you know the flag”

And the following zip file:

The zip file contains a text file that appears to contains hex strings that appear to be separated by spaces. Changing the spaces to new lines, the hexes appear to possibly be hashes, and a quick Google showed the initial hashes were SHA256 of individual characters

HashTypeHashed Value
72dfcfb0c470ac255cde83fb8fe38de8a128188e03ea5ba5b2a93adbea1062fa SHA256L
65c74c15a686187bb6bbf9958f494fc6b80068034a659a9ad44991b08c58f2d2 SHA256o
454349e422f05297191ead13e21d3db520e5abef52055e4964b82fb213f593a1 SHA256r
3f79bb7b435b05321651daefd374cdc681dc06faa65e374e38337b88ca046dea SHA256e
6f8f57715090da2632453988d9a1501b MD5m
b14a7b8059d9c055954c92674ce60032 MD5_
865c0c0b4ab0e063e5caa3387c1a8741 MD5i

The following python script was created to parse the whole file:

import hashlib
import string

sha256_lookup = {}
md5_lookup = {}

# Create SHA256 & MD5 hash lookup tables for all printable characters
for x in string.printable:
sha256_lookup[hashlib.sha256(x.encode("utf-8")).hexdigest()] = x
md5_lookup[hashlib.md5(x.encode("utf-8")).hexdigest()] = x

with open('submit_the_flag_that_is_here.txt','r') as f:
output = f.read()
array = output.split(" ")
for x in array:
if x in sha256_lookup:
print(sha256_lookup[x],end="")
elif x in md5_lookup:
print(md5_lookup[x],end="")
else:
print("Missing %s" % x)

Which created the following very long output, which we could then search for flag format prefix “F#{“:

Lorem_ipsum_dolor_sit_amet,consectetur_adipiscing_elit._Nunc_massa_risus<…snip…>
_Congratulations!_T#e_Flag_Is_F#{Y3aH_Y0u_kN0w_mD5_4Nd_Sh4256}_Donec_facilisis
<…snip…>

This provided us with the flag:

F#{Y3aH_Y0u_kN0w_mD5_4Nd_Sh4256}

Leave a Reply

Your email address will not be published. Required fields are marked *

*