📖
CTF Wiki
  • 🚩Arne's CTF Writeups!
  • 2025
    • TUCTF
      • Forensics - Security Rocks
  • 2024
    • Lexington CTF
      • Misc - a little bit of tomcroppery
    • Imaginary CTF
      • Web - Journal
    • Space Heroes CTF
      • Web - Antikythera
    • HTB Cyber Apocalypse
      • Pwn - Sound of Silence
      • Misc - MultiDigilingual
  • 2023
    • NahamConCTF
      • Mobile - Red Light Green Light
    • BucketCTF
      • Rev - Schematic
      • Rev - Random security
    • HTB Cyber Apocalypse
      • Rev - Cave System
      • Rev - Somewhat Linear
      • Pwn - Void
  • 2022
    • DownUnderCTF 2022
      • Cloud - Jimmy Builds a Kite
    • Ã¥ngstromCTF 2022
      • Pwn - really obnoxious problem
      • Pwn - whatsmyname
    • Engineer CTF
      • Misc - Not really random
      • Misc - Broken Pieces
    • KnightCTF 2022
    • HTB CTF: Dirty Money
      • Forensics - Perseverance
  • 2021
    • MetaCTF CyberGames 2021
    • HTB - Cyber Santa
      • RE - Infiltration
    • Securebug CTF Thor 2021
      • Web - Tricks 1
      • Web - Tricks 2
      • RE - Hidden in Plain Sight
    • TFC CTF 2021
      • RE - Crackity
      • Pwn - Jumpy
      • Misc - Weird Friend
    • K3RN3L CTF 2021
      • Crypto - Pascal RSA
    • DamCTF 2021
      • Misc - library-of-babel
      • Pwn - cookie-monster
    • Killer Queen CTF 2021
      • Pwn - Tweety Birb
      • Forensics - Tippy Tappies
      • Pwn - I want to break free
    • BuckeyeCTF 2021
      • Web - pay2win
      • Misc - USB Exfiltration
Powered by GitBook
On this page
  • Description
  • Downloads
  • Solution
  1. 2021
  2. TFC CTF 2021

RE - Crackity

Easy | 64 solves | 320 points

Last updated 3 years ago

Description

I made a module for my application, and I am sure no one can crack it! I even handed it out for free, because I was so sure no one could get my data for free, without paying me first to decode it. So I'm sure you can't crack it either. You can try tho! Here.

Downloads

Solution

We are presented with a Java Archive (.jar) file and to view the file content, I used a Java decompiler. The file had all of its class names obfuscated with a series of i and l characters.

Because there were not a lot of classes, I manually looked through all the classes and most of them had content in this format: public static final String x = "<Gibberish string>"

All except one class that looks like this.

I copied the code out into Sublime Text and replaced the long obfuscated class name with x.

I tried to compute the value of x using an online Java compiler and it seems that x will always evaluate to a constant string "Nr0.27465307216702745". So again, the code can be further simplified to:

# Java code
# public static String x(String paramString) {
#   char[] arrayOfChar = new char[paramString.length()];
#   for (byte b = 0; b < paramString.length(); b++)
#     arrayOfChar[b] = (char)(paramString.charAt(b) - "Nr0.27465307216702745".charAt(b % 21)); 
#   return new String(arrayOfChar);
# }

# In python
paramString = "¢¸sq\u0086}¯ i©d\u0096b\u0093\u009c¬£\u0095k¨f~à\u008f_¥\u0096¤¨h§¤°\u0091\u009ff«\u008f¢©g©Âë\u00ad"
conststring = "Nr0.27465307216702745"

arrayOfChar = ""
for i in range(len(paramString)):
  try:
    arrayOfChar += chr(ord(paramString[i]) - ord(conststring[(i % 21)]))
    print(arrayOfChar)
  except:
    print("error")
    pass

Got the above using the above code but realised that the flag was incorrect. It was obvious what's wrong though, so I appended a j in front so that the flag makes more sense and turns out its correct!

Flag: TFCCTF{j4v4_0bfusc4t10n_1s_pr3tty_n0t_pr3tty}

Remember the gibberish string that all the other classes have? I guessed that they would be passed in to this function as argument. Using , I could not copy the gibberish string out so, I used an online to copy the string. While I probably should have done this in Java, I wrote a python equivalent of the above code and used the gibberish string from the previous class as argument.

jd-gui
Java Decompiler
jd-gui
57KB
crackity.jar