Ciphers

Ways to encrypt text. Often methods used a long time ago to send secret messages

CyberChef

CyberChef is a great tool to stack various text operations. You can do things like URL encode, then Base64, then To Hex, etc. Just put some text in the input, apply operations as a recipe by dragging them from the left, and see the output.

It also has a Magic operation that tries lots of operations recursively, until some possible text comes out. Example

To test/debug recipes you can use the button to disable the operation, and the button to stop/pause the recipe before it reaches this operation.

Ciphers

There are lots of different ciphers out there, and often it's a game of recognizing certain features of the ciphertext and then deciding on a cipher to try. Some ciphers have keys, but these can often be brute-forced until some English text comes out, or until it fits a CTF{.*} flag format.

A good tool to automatically recognize and suggest ciphers is the one from Boxentriq. Lots of ciphers I won't cover here can be found on their site:

Another great tool is dCode, which you'll find often when searching for tools that can decrypt your cipher. It has lots of tools for even the most exotic of ciphers and can brute-force some parameters automatically. It also has a Cipher Identifier:

For non-text cipher that uses symbols instead, try looking at their list of Symbol Ciphers:

ROT13

ROT13 stands for "Rotate by 13", meaning you rotate all the letters by 13. This means the first letter (A) becomes the 14th letter (N). When you reach the end of the alphabet you just wrap around back to the start. The 20th letter in the alphabet (T) becomes 20 + 13 = 33 - 26 = 7 meaning the 7th letter (G).

This rotation does not need to be 13, although it's the most common. You can rotate the letters by any amount from 0-26.

Example

CTF{f4k3_fl4g_f0r_t3st1ng}  # Plaintext
-------------------------- ROT 13
PGS{s4x3_sy4t_s0e_g3fg1at}  # Ciphertext

CyberChef, Brute-Force

ROT47

Similarly to ROT13, ROT47 also rotates characters by some constant amount. But this time the whole printable ASCII character set, meaning 33 (!) to 126 (~). It rotates through this whole character set and wraps around just like ROT13.

This also can have any amount of rotation from 0-94.

Example

CTF{f4k3_fl4g_f0r_t3st1ng}  # Plaintext
-------------------------- ROT 47
>OAva/f.Zag/bZa+mZo.no,ibx  # Ciphertext

CyberChef, Brute-Force

XOR

As explained in detail in XOR, it XORs all the bits from a given plaintext or ciphertext, with a key that is often repeating. It can generate any set of bytes, including non-printable characters. This means it's often encoded in something like Base64 or Hex to make sure it can be sent properly. Repeating-key XOR can be brute-forced, and with a known plaintext you can recover the key.

Example

01000010 01111001 01100101 = "Hey"  # Plaintext
01001011 01000101 01011001 = "KEY"  # Key
-------------------------- XOR
00001001 00111100 00111100 = "\t<<"  # Ciphertext

CyberChef, Brute-Force

ADD

The ADD cipher adds a number to every byte and wraps around when it goes over 255. For every character in the plaintext, it gets the character in the key that is often repeating.

4354467b66346b335f666c34675f6630725f74337374316e677d = "CTF{f4k3_fl4g_f0r_t3st1ng}"  # Plaintext
7365637265747365637265747365637265747365637265747365 = "secretsecretsecretsecretse"  # Key
-------------------------- ADD
b6b9a9edcba8de98c2d8d1a8dac4c9a2d7d3e798d6e696e2dae2 = "¶¹©íË¨Þ.ÂØÑ¨ÚÄÉ¢×Óç.Öæ.âÚâ"  # Ciphertext

Invert a key

def encrypt_key_to_decrypt_key(key):
    return bytes(256 - c for c in key).hex()

CyberChef

Substitution Cipher

A substitution cipher works by replacing certain letters with other letters. The secret here is the alphabet used, meaning what letters map to what other letters. There are some online tools that can use some analytics to find what text/key is the most likely to be correct:

If an online tool cannot solve it, you might need to do some manual work. A great tool that can help with this is the following:

Simply input your ciphertext, and click Start Manual Solving. Here you can view your ciphertext, and plaintext so far in the Text field. In the Key field, you can fill out what letters should correspond to each other. The easiest way is to look at the spacing of your target text if there is any, and guess what some words might be. Then you can slowly fill in other letters and guess more words.

When working with English text, you can use the Word finder there to put wildcards for letters you don't know and find possible matching words. If your plaintext is likely in another language than English, you might want to look for any other online Wildcard dictionary searchers or create your own from a wordlist in your favorite programming language.

Another tool that might help in the case of short text or a different language than existing tools use, is my own SubSolver:

It allows you to provide a wordlist and tries every possible combination of words in that list efficiently to find possible solutions that fit with the repeated letters and spacing in a ciphertext.

$ time ./target/release/sub-solver -s "Tcxd dlzhrtm edbe ec tmcpfitd xs ecch rl ifercl"
[*] Using empty starting key
[*] Using built-in english wordlist
[+] Loaded 13255 unique patterns
[+] Saved dictionary cache
[*] Input string: "Tcxd dlzhrtm edbe ec tmcpfitd xs ecch rl ifercl"
[+] Parsed 9 input words
[+] Pruned impossible words
[*] Starting to find solutions...
?xoetc?la??nh??w?iys???m?g -> some english text to showcase my tool in action
?xoetc?la??nh??w?irs???m?g -> some english text to showcase mr tool in action
?xoetc?la??nh??w?ius???m?g -> some english text to showcase mu tool in action
[+] Finished! (3 solutions)

real    0m0.117s

PreviousEncodings NextAES

Last updated 2 years ago