In this task, after extracting several archives, we faced a file called “flag.enc” and a binary named “simple”. The encrypting algorithm used by the binary was pretty basic and easy to reverse:

  • firstly it needs a “flag” file where it takes the bytes to encrypt

  • XOR N’th char with (N+1)‘th char

  • put the result string into flag.enc

To reverse this encryption algorithm I started deciphering from the bottom of the encrypted stream. Basically what we did is just to bruteforce the last character that were in plaintext and if we pick it wrong then all the decrypting process will fail resulting in a messy data stream else we’ll obtain our decrypted file.

The python code above takes ’s’ argument which is the encrypted file’s content and will create 255 file where one of them will be surely the decrypted file. To notice which one just do a ‘file *’ and a gzip archive sould appear. Now just decrypt it and you’ll find a qr code. Decode the qr code and you’ll find some hex bytes and if you decode them you’ll obtain another compressed gzip archive. Extract it and finally the flag should appear in another qr code image.


solved by fox, Razor4x