Today we will be covering the Cryptography portion of the NCL Preseason game. If you don’t know what the NCL is, or what these posts are about, then I suggest you go back and read my Introduction Post which can be found here!

Alright, let’s begin!

Crypto 1:

1. 0x616761696e74687265653538

We can tell that this password is in Hex format due to the 0x at the start of the password. We can covert the hex to ASCII in Linux by simply running the following command.

root@kali:~# echo 0x616761696e74687265653538 | xxd -r -p
againthree58

And there we have it. The output is our password!

Answer: againthree58

2. cGVvcGxlY3Jvd2Q1MQ==

This password was Base64 Encoded. We can decode it in our Linux terminal.

root@kali:~# echo cGVvcGxlY3Jvd2Q1MQ== | base64 --decode
peoplecrowd51

Answer: peoplecrowd51

3. 01101101 01100001 01110100 01110100 01100101 01110010 01110011 01100001 01101001 01101100 00110110 00110010

This password was in binary form. You can go BinaryHexConverter and convert it to ASCII.

Answer: mattersail62

Crypto 2:

1. znggrefnvy

Our hint here was “shift cipher”, so we can assume that this is a Caesar Cipher. Since we do not know the total amount the letters were shifted by, we will have to brute force the cipher.

To do this I went to Decode.fr and used their Brute Force Attack to decrypt all possible passwords.

ShiftPassword
+13MATTERSAIL
+24BPIITGHPXA
+5UIBBMZAIQT
+19GUNNYLMUCF
+18HVOOZMNVDG
+17IWPPANOWEH
+20FTMMXKLTBE
+16JXQQBOPXFI
+22DRKKVIJRZC
+25AOHHSFGOWZ
+6THAALYZHPS
+23CQJJUHIQYB
+15KYRRCPQYGJ
+21ESLLWJKSAD
+1YMFFQDEMUX
+4VJCCNABJRU
+12NBUUFSTBJM
+7SGZZKXYGOR
+2XLEEPCDLTW
+3WKDDOBCKSV
+8RFYYJWXFNQ
+10PDWWHUVDLO
+11OCVVGTUCKN
+14LZSSDQRZHK
+9QEXXIVWEMP

We see that mattersail is being used again - as it was previously. So we can assume password reuse, and it would be the correct answer!

Answer: mattersail

Crypto 3:

1. .–. .-. — ..- -.. .. .-. — -.

This one was pretty simple if you know what you are looking at. This password was in Morse code. So I went to the Morse Code Translator and just pasted in the password to get the answer.

Answer: PROUDIRON

Crypto 4:

For this question we are provided with the following encryption algorithm - written in Python..

def encrypt(str):
	ret = ""
	for char in str:
		ret += rot7(rot3(char))
	return ret

1. qbkl dro owksvc ypp dro wksvcobfob

Since we already have the code, and know how the password is encrypted - all we have to do is enter our encyrpted string.

The code is basically taking a string, and for each character in the string it rotates the letter +3, then +7 and adds it to ret. Once done, it returns the string ret. So for us to get the password from the encryption, just enter the encrypted password and it will reverse it for us.

str = "qbkl dro owksvc ypp dro wksvcobfob"
def encrypt(str):
	ret = ""
	for char in str:
		ret += rot7(rot3(char))
	return ret

Answer: grab the emails off the mailserver

And that’s all for Cryptography - pretty easy I must say!

Thanks for reading! And stay tuned for the continuation on the NCL Preseason write-ups, VulnHub, and more!

Updated:

Leave a Comment