Now you’ve got the hang of the various encodings you’ll be encountering, let’s have a look at automating it.

Can you pass all 100 levels to get the flag?

The 13377.py file attached below is the source code for what’s running on the server. The pwntools_example.py file provides the start of a solution using the incredibly convenient pwntools library. which you can use if you like. pwntools however is incompatible with Windows, so telnetlib_example.py is also provided.

For more information about connecting to interactive challenges, see the FAQ. Feel free to skip ahead to the cryptography if you aren’t in the mood for a coding challenge!

Connect at nc socket.cryptohack.org 13377

13377.py

pwntools_example.py

telnetlib_example.py

Solution:

Using the pwntools_example to build the script.

from pwn import * # pip install pwntools
import json
from Crypto.Util.number import bytes_to_long, long_to_bytes
import base64
import codecs
import array


r = remote('socket.cryptohack.org', 13377, level = 'debug')

def json_recv():
	line = r.recvline()
	return json.loads(line.decode())

def json_send(hsh):
	request = json.dumps(hsh).encode()
	r.sendline(request)

for i in range(0,101):
	received = json_recv()

	if "flag" in received:
		print(received)
		break

	print("\n\n")
	print("Received type: ")
	print(received["type"])
	print("Received encoded value: ")
	print(received["encoded"])

	encoding = received["type"]
	word = received["encoded"]

	if encoding == "base64":#PASSED
		decoded = base64.b64decode(word).decode('utf-8')
	elif encoding == "hex": #PASSED
		decode_hex = codecs.getdecoder("hex_codec")
		decoded = decode_hex(word)[0].decode('utf-8')
	elif encoding == "rot13":#PASSED
		decoded = codecs.encode(word, 'rot_13')
	elif encoding == "bigint":
		# Spent way too long troubleshooting this
		# Its a string so to make it work you have
		# to convert it.
		decoded = long_to_bytes(int(word,16)).decode('utf-8')
	elif encoding == "utf-8": #PASSED
		decoded = array.array('b', word).tobytes().decode('utf-8')

	print("DECODED: "+decoded)

	to_send = {
		"decoded": decoded
	}
	json_send(to_send)

Flag: crypto{3nc0d3_d3c0d3_3nc0d3}