OverTheWire – Krypton 6

A simple write up of the last level of krypton. Write ups for the other levels can be found easily on the web, and I suggest those by Alexander Clarke.

So, back to level 6, here is the initial setup:

krypton6@krypton:~$ mkdir /tmp/malvi
krypton6@krypton:/tmp$ cd /tmp/malvi
krypton6@krypton:/tmp/malvi$ ln -s /krypton/krypton6/keyfile.dat .

The key is cyclic, and claimed to be short. Let’s encrypt a long sequence of A’s:

krypton6@krypton:/tmp/malvi$ python -c "print 'A'*1000" >a
krypton6@krypton:/tmp/malvi$ /krypton/krypton6/encrypt6 a b
krypton6@krypton:/tmp/malvi$ cat b; echo

The string EICTDGYIYZKTHNSIRFXYCPFUEOCKRN of length 30 repeats several times. It provides enough information to decrypt the password. Just to be sure, let’s try to encrypt 30 A’s, followed by 30 B’s, followed by 30 C’s:

krypton6@krypton:/tmp/malvi$ python -c "print 'A'*30 + 'B'*30 + 'C'*30" >a
krypton6@krypton:/tmp/malvi$ /krypton/krypton6/encrypt6 a b
krypton6@krypton:/tmp/malvi$ cat b; echo

If we break every 30 characters, we can observe that each B has been replaced by the letter following the one that replaced the corresponding A (and similar for each C):


Let’s write a python script to decrypt the password:

krypton6@krypton:/tmp/malvi$ cat /krypton/krypton6/krypton7; echo
krypton6@krypton:/tmp/malvi$ cat >a.py <<EOF
pt = ''
for i in range(len(ct)):
    tmp = ord(ct[i]) - ord(key[i])
    if tmp < 0: tmp += 26
    tmp += ord('A')
    pt += chr(tmp)
print pt
krypton6@krypton:/tmp/malvi$ python a.py 

LFSR is not random, it’s true. However, here the real problem is that knowing the substitution for A is sufficient to predict the substitution for all other letters.

Do you have an alternative or simpler solution? Share it by leaving a comment!

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.