rot128.py<\/code>\ub294\u00a0flag.png<\/code>\u00a0\ud30c\uc77c\uc744 \uc554\ud638\ud654\ud558\uc5ec\u00a0encfile<\/code>\ub85c \uc800\uc7a5\ud558\ub294 \ud504\ub85c\uadf8\ub7a8\uc758 \uc18c\uc2a4 \ucf54\ub4dc\uc785\ub2c8\ub2e4. (\ud480\uc774\uc790\uac00 \ud504\ub85c\uadf8\ub7a8\uc744 \uc9c1\uc811 \uc2e4\ud589\ud560 \uc218\ub294 \uc5c6\uc2b5\ub2c8\ub2e4.)<\/p>\n\n\n\n\uc8fc\uc5b4\uc9c4\u00a0encfile<\/code>\uc744 \ubcf5\ud638\ud654\ud558\uc5ec\u00a0flag<\/code>\u00a0\ud30c\uc77c \ub0b4\uc6a9\uc744 \uc54c\uc544\ub0b8 \ub4a4,\u00a0flag.png<\/code>\uc5d0\uc11c \ud50c\ub798\uadf8\ub97c \ud68d\ub4dd\ud558\uc138\uc694!<\/p>\n\n\n\n\ud50c\ub798\uadf8\uc758 \ud615\uc2dd\uc740 flag{…} \uc785\ub2c8\ub2e4.<\/p>\n\n\n\n
Files<\/h2>\n\n\n\n\n\nubuntu@WSL2:~\/CTF\/whitehat$ tree ROT128\nROT128\n\u251c\u2500\u2500 encfile\n\u2514\u2500\u2500 rot128.py\n\n0 directories, 2 files\n\nubuntu@WSL2:~\/CTF\/whitehat$ file .\/ROT128\/encfile\n.\/ROT128\/encfile: ASCII text, with very long lines (65536), with no line terminators\nubuntu@WSL2:~\/CTF\/whitehat$ file .\/ROT128\/rot128.py\n.\/ROT128\/rot128.py: Python script, ASCII text executable<\/pre>\n<\/div>\n<\/div>\n\n\n\n\uc554\ud638\ud654\ub41c \uc774\ubbf8\uc9c0 \ud30c\uc77c \ud558\ub098\uc640 \uc554\ud638\ud654\uc2dc\ud0a4\ub294 \ud30c\uc774\uc36c \uc2a4\ud06c\ub9bd\ud2b8 \ud30c\uc77c \ud558\ub098.<\/p>\n\n\n\n
\ubd84\uc11d<\/h2>\n\n\n\nrot128.py<\/h3>\n\n\n\n\n\n#!\/usr\/bin\/env python3\n\nhex_list = [(hex(i)[2:].zfill(2).upper()) for i in range(256)]\n\nwith open('flag.png', 'rb') as f:\n plain_s = f.read()\n\nplain_list = [hex(i)[2:].zfill(2).upper() for i in plain_s]\n\nenc_list = list(range(len(plain_list)))\n\nfor i in range(len(plain_list)):\n hex_b = plain_list[i]\n index = hex_list.index(hex_b)\n enc_list[i] = hex_list[(index + 128) % len(hex_list)]\n\nenc_list = ''.join(enc_list)\n\nwith open('encfile', 'w', encoding='utf-8') as f:\n f.write(enc_list)<\/pre>\n<\/div>\n<\/div>\n\n\n\n\n- [’00’, ’01’, ’02’, ’03’, ~ ‘FF’]\uc640 \uac19\uc774 0~255\uac00 \ub2f4\uae34 hex_list\ub97c \uc0dd\uc131\ud55c\ub2e4.<\/li>\n\n\n\n
- flag.png \ud30c\uc77c\uc744 \ubc14\uc774\ub108\ub9ac \uc77d\uae30 \ubaa8\ub4dc\ub85c \uc5f4\uc5b4 plain_s\uc5d0 \uc9c0\uc815\ud55c\ub2e4.<\/li>\n\n\n\n
- plain_list\uc5d0 16\uc9c4\uc218 \ud0c0\uc785\uc73c\ub85c \ub9ac\uc2a4\ud2b8\ub97c \ub9cc\ub4e0\ub2e4.
\uc774\ub97c \ud14c\uba74, flag.png \ud30c\uc77c\uc774 abcd\uac00 \ub4e4\uc5b4\uc788\uc73c\uba74, plain_list\uc5d0\ub294 [’41’, ’42’, ’43’, ’44’]\uac00 \ub41c\ub2e4.<\/li>\n\n\n\n - \ud30c\uc77c\uc5d0 \uc788\ub294 \uac01 \ud558\ub098\uc758 \ubb38\uc790\ub97c \ub098\ud0c0\ub0b4\ub294 \uc544\uc2a4\ud0a4\ucf54\ub4dc\uc5d0 128\uc744 \ub354\ud558\uace0 len(hex_list)\uac12\uc778 256\uc744 %\uc5f0\uc0b0\ud55c \uac12\uc744 hex_list\uc758 index\uac12\uc73c\ub85c \uc9c0\uc815\ud55c\ub2e4. \uadf8\ub807\uac8c index \uac12\uc744 \uc9c0\uc815\ud55c hex_list\uc758 \ud558\ub098\uc758 \uac12\uc774 \ub2f4\uaca8 enc_list\uac00 \ub41c\ub2e4.
\uc774\ub97c \ud14c\uba74, (0x41+128)%256=193, hex_list[193]=0xC1,
(0x42+128)%256=194, hex_list[194]=0xC2,
(0x43+128)%256=195, hex_list[195]=0xC3,
(0x44+128)%256=196, hex_list[196]=0xC4\uac00 \ub418\uc5b4
[‘C1’, ‘C2’, ‘C3’, ‘C4’]\uac00 \ub2f4\uae34 enc_list\uac00 \ub41c\ub2e4.<\/li>\n\n\n\n - enc_list \ub9ac\uc2a4\ud2b8\ub97c \ub2e4\uc2dc \ud558\ub098\uc758 \ubb38\uc790\uc5f4\ub85c \ub9cc\ub4e4\uc5b4 encfile\ub85c \uc800\uc7a5\ud55c\ub2e4.<\/li>\n<\/ol>\n\n\n\n
\ud480\uc774<\/h2>\n\n\n\n
encfile \ud30c\uc77c\uc5d0 \uc788\ub294 2\ubc14\uc774\ud2b8\uc758 Hex\uac12\uc744 \ud558\ub098\uc758 \ubc30\uc5f4 \uc694\uc18c\ub85c \uc9c0\uc815\ud55c\ub2e4.
hex_list \uc778\ub371\uc2a4\ub294 \uc5ed\uc73c\ub85c 128\uc744 \ube7c\uace0, 256\uc744 %\uc5f0\uc0b0\ud55c \uac12\uc73c\ub85c \ud574\uc11c
\uc774\ubbf8\uc9c0 \ud30c\uc77c\uc758 \ud55c \ubc14\uc774\ud2b8\uc529 \ubcf5\uc6d0\uc2dc\ud0a4\uba74 \ub41c\ub2e4.<\/p>\n\n\n\n
Solution<\/h2>\n\n\n\n\n\nhex_list = [(hex(i)[2:].zfill(2).upper()) for i in range(256)]\n\nwith open('encfile', 'rb') as f:\n enc_list = f.read()\n enc_list = [int(enc_list[i:i+2], 16) for i in range(0, len(enc_list), 2)]\n\nplain_list = []\n\nfor i in range(len(enc_list)):\n plain_list.append(hex_list[(enc_list[i] - 128) % len(hex_list)])\n\nplain_list = ''.join(plain_list)\nplain_list = bytes.fromhex(plain_list)\n\nwith open('flag.png', 'wb') as f:\n f.write(plain_list)<\/pre>\n<\/div>\n<\/div>\n\n\n\nFLAG<\/h2>\n\n\n\n![\"\"](\"https:\/\/h4ck.kr\/wp-content\/uploads\/2023\/09\/flag.png\")
<\/figure>\n","protected":false},"excerpt":{"rendered":"Description rot128.py\ub294\u00a0flag.png\u00a0\ud30c\uc77c\uc744 \uc554\ud638\ud654\ud558\uc5ec\u00a0encfile\ub85c \uc800\uc7a5\ud558\ub294 \ud504\ub85c\uadf8\ub7a8\uc758 \uc18c\uc2a4 \ucf54\ub4dc\uc785\ub2c8\ub2e4. (\ud480\uc774\uc790\uac00 \ud504\ub85c\uadf8\ub7a8\uc744 \uc9c1\uc811 \uc2e4\ud589\ud560 \uc218\ub294 \uc5c6\uc2b5\ub2c8\ub2e4.) \uc8fc\uc5b4\uc9c4\u00a0encfile\uc744 \ubcf5\ud638\ud654\ud558\uc5ec\u00a0flag\u00a0\ud30c\uc77c \ub0b4\uc6a9\uc744 \uc54c\uc544\ub0b8 \ub4a4,\u00a0flag.png\uc5d0\uc11c \ud50c\ub798\uadf8\ub97c \ud68d\ub4dd\ud558\uc138\uc694! \ud50c\ub798\uadf8\uc758 \ud615\uc2dd\uc740 flag{…} \uc785\ub2c8\ub2e4. Files \uc554\ud638\ud654\ub41c \uc774\ubbf8\uc9c0 \ud30c\uc77c \ud558\ub098\uc640 \uc554\ud638\ud654\uc2dc\ud0a4\ub294 \ud30c\uc774\uc36c \uc2a4\ud06c\ub9bd\ud2b8 \ud30c\uc77c \ud558\ub098. \ubd84\uc11d rot128.py \ud480\uc774 encfile \ud30c\uc77c\uc5d0 \uc788\ub294 2\ubc14\uc774\ud2b8\uc758 Hex\uac12\uc744 \ud558\ub098\uc758 \ubc30\uc5f4 \uc694\uc18c\ub85c \uc9c0\uc815\ud55c\ub2e4.hex_list \uc778\ub371\uc2a4\ub294 \uc5ed\uc73c\ub85c 128\uc744 \ube7c\uace0, 256\uc744 %\uc5f0\uc0b0\ud55c \uac12\uc73c\ub85c \ud574\uc11c \uc774\ubbf8\uc9c0… \ub354 \ubcf4\uae30 »ROT128<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"neve_meta_sidebar":"","neve_meta_container":"","neve_meta_enable_content_width":"","neve_meta_content_width":0,"neve_meta_title_alignment":"","neve_meta_author_avatar":"","neve_post_elements_order":"","neve_meta_disable_header":"","neve_meta_disable_footer":"","neve_meta_disable_title":"","_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[15],"tags":[28,24],"class_list":["post-767","post","type-post","status-publish","format-standard","hentry","category-whitehat1","tag-cryptography","tag-reversing"],"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/h4ck.kr\/index.php?rest_route=\/wp\/v2\/posts\/767","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/h4ck.kr\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/h4ck.kr\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/h4ck.kr\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/h4ck.kr\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=767"}],"version-history":[{"count":1,"href":"https:\/\/h4ck.kr\/index.php?rest_route=\/wp\/v2\/posts\/767\/revisions"}],"predecessor-version":[{"id":769,"href":"https:\/\/h4ck.kr\/index.php?rest_route=\/wp\/v2\/posts\/767\/revisions\/769"}],"wp:attachment":[{"href":"https:\/\/h4ck.kr\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=767"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/h4ck.kr\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=767"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/h4ck.kr\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=767"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}