Hack This Site! Getting Real (VI)

The 6th Realistic Mission on Hack This Site! is based on cryptographic skills. We need to identify the Algorithm and design a decrypt to unscramble the encrypted document.

We have an encrypted document here, and it is believed to be encrypted using the XECryption Algorithm. Open the encrypt from here. Here is how I found out what the algorithm works.

Analyzing XECryption Algorithm

On encrypting the letter ‘d’ with password null, I got, .61.27.12

On encrypting the letter ‘dd’ with password null, I got, .56.53.-9.55.15.30

On encrypting the letter ‘d’ with password null again, I got .38.42.20

So every letter is encrypted into three numbers separated by periods ‘.’

However, The numbers do not remain the same (look at (1) and (3)), they change every time you encrypt it.

But, notice that the sum of the three numbers in (1), (3) remain the same = 100.

A look at the ASCII table shows that 100 is the ASCII value of d!

Now look at the encryption in (2), the sum of three consequent numbers is 100!

So, what we need to do is, to split the encrypted document into three consequent numbers and find the sum of the them. That should give the ASCII of the corresponding character! Or does it?

We have not explored the effect of the password on the encryption.

So, I try out ‘d’ and ‘dd’ with the password ‘d’, and I get .63.69.68 and .39.91.70.70.57.73 respectively.

Observe that the sum of three consequent numbers is 200 and 200.200 respectively. This means on subtracting the ASCII of the password i.e. ‘d’ from the encryption, then we shall get the ASCII of the characters. (Experiment with this, for clarity).

What I understood from this is that, it is not essential for us to know the actual password, but only the summed up ASCII value of the password.

That shall be enough for us to find the ASCII of the characters and hence decrypt the entire document.

What I Infer..

When XECryption Algorithm is used the individual characters of the document becomes three numbers separated by periods, such that the sum of the three numbers gives the sum of the ASCII value of the character and the cumulative ASCII value of the password.

So to find the ASCII value and hence the characters, the three numbers are added and then the cumulative ASCII value of the password is subtracted. Since we will be needing only the cumulative ASCII value of the password, which is a number, hence we shall refer to it as the Password Value or X.

I used Visual Basic to make the decrypt as it helps me develop the application rapidly. It takes up the encrypted document and splits it up using the split command. It is stored in an array. Then three consequent numbers are added up and the Password Value is subtracted. This number is converted into character, and lo! we have the unscrambled document.

But Password Value = ?

We have one more hurdle to cross. The Password Value or X is still unknown. We do not know it. So how do we go about it? I found the Password Value using trial and error, but I didn’t do it manually, I used a timer (I programmed the decrypt in Visual Basic), that automatically change the Password Value, and the document was also unscrambled dynamically and displayed in a text box. So when the unscrambled document became something meaningful I stop, and bingo! i have found the Password Value, X!

More Hints

1. Use reasonable values of X for trial, I found values below 628, giving Run time Error.
2. I used the character “d” in the initial analysis of the encrypt because it has the ASCII value 100, and it is easy for calculation and finding patterns.
3. There might be a much more efficient way to find the Password Value, which I don’t know. Please let me know, if anyone of you know it. Thanks.

P.S. : Details of the Decrypt and snippets of the code shall be soon posted. The programming has been done using Microsoft Visual basic 6.0

---

Possibly related posts: (automatically generated)

• Hotmail Scam Reveals Most Common Password: 123456