Cover Image

Neuland CTF 2022 Winter - Cryptography
 December 3, 2022    Neuland CTF


Download challenges: Neuland CTF Repository


Bitwise operator - Easy

The key to happiness is love.

`bo`juc:7?m:?Q6?9y?;=Q>~=<:9><s.


The headline already implies that it is a bitwise encryption. The description gives the next hint that the key is love. With this information, the most likely cipher is XOR. With the CyberChef XOR function the string can be decrypted.

The flag is nland{m491c41_817w153_0p324702}.


Black box - Medium

My friend gave me a black box to communicate.


On the side of the black box is a translucent opening behind which a LED flashes. If you decode the irregular flashing according to the international Morse code you get the flag.

s   ...
a   .-
m   --

The flag is nland{sam}.


RSA - Medium

Can you help decrypt the message? 

c: 207557546560859169576945127953007210120874560172495774733332113176052380374259008176000473940275124997746175571544779705475479684555026646029009
e: 65537
n: 398777541563043737059353117039052367438379031798809882266113550550889422915327876451213155884493233655798282644321599384995454457054595596193529


There was a similar task last semester. This time the title already reveals that it is an RSA challenge. Since n is a relatively small number, we have a good chance of finding its two prime factors. FactorDB has the factors which are q = 9058385098643201 and p = 44023028080664636076928415706635475780415467068429427621606805998837244807327108600025160059258108909394857318936421945725300729. We know n, e, q and p which can be used to decrypt the message. Let's take a closer look at how RSA works.

Key Generation:

  1. Select p,q (prime numbers and p!=q)
  2. Calculate n = p * q
  3. Calculate phi(n) = ( p - 1 ) * ( q - 1 )
  4. Select integer e GCD ( ϕ(n) , e ) = 1; 1 < e < ϕ(n)
  5. Calculate d = inverse(e) % ϕ(n)
  6. Public Key {e,n}
  7. Private Key {d,n}

Encryption: C = pow( M , e) % n

Decryption: M = pow(C , d) % n

Python script:

from Crypto.Util.number import *

q = 9058385098643201
p = 44023028080664636076928415706635475780415467068429427621606805998837244807327108600025160059258108909394857318936421945725300729
n = 398777541563043737059353117039052367438379031798809882266113550550889422915327876451213155884493233655798282644321599384995454457054595596193529
c = 207557546560859169576945127953007210120874560172495774733332113176052380374259008176000473940275124997746175571544779705475479684555026646029009
e = 65537

# decrypt
d = inverse(e,(p-1)*(q-1))
m = pow(c,d,p*q)
print("Message: ", long_to_bytes(m))

The flag is nland{7h15_15_f1n3}.


Truly magical operator - Medium

Author: Manu
This time it won't be as easy. Can you figure out the key yourself?

") %!?|-l%ui}rlzpi>v7x7q}'-x8


We can quickly see that this is a XOR encryption again by looking at the provided encrypt.py. The python script also tells us that the decrypted plaintext will contain "nland{" at the start. The key we are looking for is 6 characters long and only contains letters. We know that XOR is reversible. We can use this to our advantage. As we know that the flag will start with "nland{" we can find the first 6 characters of the key with CyberChef. Now we leaked the 6 characters of our key: "LEAKED". If we try this as the key, we can retrieve the flag CyberChef.

The flag is nland{0h-n0-17-15-r3v3r51bl3}.