Substitution ciphers are a simple replacement algorithm. In this example of a substitution cipher, we will explore a ‘monoalphabetic’ cipher. Monoalphabetic means, literally, “one alphabet” and you will see why.
This level contains an old form of cipher called a ‘Caesar Cipher’. A Caesar cipher shifts the alphabet by a set number. For example:
```
plain:  a b c d e f g h i j k ...
cipher: G H I J K L M N O P Q ...
```
In this example, the letter ‘a’ in plaintext is replaced by a ‘G’ in the ciphertext so, for example, the plaintext ‘bad’ becomes ‘HGJ’ in ciphertext.
The password for level 3 is in the file krypton3. It is in 5 letter group ciphertext. It is encrypted with a Caesar Cipher. Without any further information, this cipher text may be difficult to break. You do not have direct access to the key, however you do have access to a program that will encrypt anything you wish to give it using the key. If you think logically, this is completely easy.
One shot can solve it!
First, we need to find this ‘krypton3’ file, using find again. As you can see, the file location follows a pattern, so we’ll omit this step from now on.
```
$ find / -type f -name krypton3 2>/dev/null
/games/krypton/krypton2/krypton3
$ cat /games/krypton/krypton2/krypton3
OMQEMDUEQMEK
```
From the level info, we should use the encrypt binary to find out how many characters the cipher shifts by. There is a permission issue, but we can copy encrypt to another directory where we have permission to write. One such area is /tmp. Create a directory (e.g. abc/) and copy encrypt into it. Now when we execute encrypt with a file containing the whole alphabet in order (let’s call this file alphabet), it will say it can’t find keyfile.dat. We can’t copy that file because we don’t have read permission, so we create a fake keyfile.dat by copying the alphabet file. Finally, executing encrypt with alphabet creates another file called ciphertext in the same directory. This file contains the key.
Put this as a key string in our script.
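```bash
#!/bin/bash
# Ciphertext for this level
cipher=$(</games/krypton/krypton2/krypton3)
# Plaintext alphabet and the cipher row produced by encrypt
alpha=ABCDEFGHIJKLMNOPQRSTUVWXYZ
key=MNOPQRSTUVWXYZABCDEFGHIJKL
# Map each key letter back to its plaintext letter
echo "$cipher" | tr "$key" "$alpha"
```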
Using this key in our script to translate the ciphertext (krypton3) from the key back to the alphabet returns the original plaintext. The output gives us the correct password for level 3.
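
The same chosen-plaintext idea as a self-contained script, added here as an example and not part of the original walkthrough: `oracle_encrypt` is a hypothetical stand-in for the level's encrypt program with a constructed shift of 7, and the other function names are assumptions too. It goes slightly beyond the text by checking that the recovered row really is a pure rotation and by stripping the spaces of 5-letter groups before decrypting.

```bash
#!/bin/bash
# Added example: chosen-plaintext key recovery against a shift cipher.
ALPHA=ABCDEFGHIJKLMNOPQRSTUVWXYZ

# rotate N: print the alphabet rotated left by N places (the cipher row).
rotate() {
    awk -v a="$ALPHA" -v n="$1" 'BEGIN { print substr(a, n + 1) substr(a, 1, n) }'
}

# Hypothetical stand-in for the level's encrypt program. The shift of 7 is a
# constructed value that the recovery functions below never read directly.
oracle_encrypt() {
    printf '%s\n' "$1" | tr "$ALPHA" "$(rotate 7)"
}

# Chosen plaintext: encrypting A..Z returns the whole substitution row.
recover_key() {
    oracle_encrypt "$ALPHA"
}

# shift_of KEY: print the shift if KEY is a pure rotation of the alphabet.
# Failure means the cipher is not a Caesar shift, or the row is damaged.
shift_of() (
    n=0
    while [ "$n" -lt 26 ]; do
        if [ "$1" = "$(rotate "$n")" ]; then
            echo "$n"
            exit 0
        fi
        n=$((n + 1))
    done
    exit 1
)

# decrypt KEY TEXT: drop the spaces of 5-letter groups, then invert the map.
decrypt() {
    printf '%s' "$2" | tr -d ' \n' | tr "$1" "$ALPHA"
}

key=$(recover_key)
echo "key row: $key (shift $(shift_of "$key"))"
# Constructed sample message in 5-letter groups, round-tripped via the oracle.
decrypt "$key" "$(oracle_encrypt 'SUBST ITUTI ON')"; echo
```

A row that `shift_of` rejects can still be passed to `decrypt`, since `tr` inverts any one-to-one substitution row, not only rotations.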