duckythescientist · August 26, 2016 16:05 · gzz2000 · Feb 7, 2018
diff --git a/decode.py b/decode.py
 #!/usr/bin/env python3

 """
 encode.pyc is a compiled python file. 
 The first 2 bytes \x16\x0d == 3350 mean that it's a python3 file. 
 Python3.4 throws a bad magic number error, but python3.5 works. 
 After trying a couple python decompilers, I found that unpyc3 worked the best:
 ```
 duck@computer:~/Downloads$ python3.5 ../unpyc3.py encode.pyc 
 import random
 import base64
 P = [27, 35, 50, 11, 8, 20, 44, 30, 6, 1, 5, 2, 33, 16, 36, 64, 3, 61, 54, 25, 12, 21, 26, 10, 57, 53, 38, 56, 58, 37, 43, 17, 42, 47, 4, 14, 7, 46, 34, 19, 23, 40, 63, 18, 45, 60, 13, 15, 22, 9, 62, 51, 32, 55, 29, 24, 41, 39, 49, 52, 48, 28, 31, 59]
 S = [68, 172, 225, 210, 148, 172, 72, 38, 208, 227, 0, 240, 193, 67, 122, 108, 252, 57, 174, 197, 83, 236, 16, 226, 133, 94, 104, 228, 135, 251, 150, 52, 85, 56, 174, 105, 215, 251, 111, 77, 44, 116, 128, 196, 43, 210, 214, 203, 109, 65, 157, 222, 93, 74, 209, 50, 11, 172, 247, 111, 80, 143, 70, 89]
 inp = input()
 inp += ''.join(chr(random.randint(0, 47)) for _ in range(64 - len(inp) % 64))
 ans = ['' for i in range(len(inp))]
 for j in range(0, len(inp), 64):
    for i in range(64):
        ans[j + P[i] - 1] = chr((ord(inp[j + i]) + S[i]) % 256)
 ans = ''.join(ans)
 print(base64.b64encode(ans.encode('utf8')).decode('utf8'))
 ```

 I've modified the encode into a function and created its accompanying decode function.

 Note: because the length of the cleartext isn't stored anywhere in the cipher text, 
 the deciphered text will have a few garbage characters at the end. 
 This doesn't matter to us because we can just eyeball the flag from the jibberish.
 """

 import random
 import base64
 P = [27, 35, 50, 11, 8, 20, 44, 30, 6, 1, 5, 2, 33, 16, 36, 64, 3, 61, 54, 25, 12, 21, 26, 10, 57, 53, 38, 56, 58, 37, 43, 17, 42, 47, 4, 14, 7, 46, 34, 19, 23, 40, 63, 18, 45, 60, 13, 15, 22, 9, 62, 51, 32, 55, 29, 24, 41, 39, 49, 52, 48, 28, 31, 59]
 S = [68, 172, 225, 210, 148, 172, 72, 38, 208, 227, 0, 240, 193, 67, 122, 108, 252, 57, 174, 197, 83, 236, 16, 226, 133, 94, 104, 228, 135, 251, 150, 52, 85, 56, 174, 105, 215, 251, 111, 77, 44, 116, 128, 196, 43, 210, 214, 203, 109, 65, 157, 222, 93, 74, 209, 50, 11, 172, 247, 111, 80, 143, 70, 89]

 def encode(inp):
    # Padd inp with random characters for a length divisible by 64
    inp += ''.join(chr(random.randint(0, 47)) for _ in range(64 - len(inp) % 64))
    # ans will hold our encoded text
    ans = ['' for i in range(len(inp))]
    # For each block of 64 characters
    for j in range(0, len(inp), 64):
        # Iterate through each character in the block
        for i in range(64):
            # Two things happen here: First, the S list is used to shift individual characters
            # Second: the P list is used to mix/shuffle the characters in a block
            ans[j + P[i] - 1] = chr((ord(inp[j + i]) + S[i]) % 256)
    ans = ''.join(ans)
    return base64.b64encode(ans.encode('utf8')).decode('utf8')

 def decode(inp):
    # The decode operation is very similar to the encode operation
    inp = base64.b64decode(inp.encode("utf8")).decode("utf8")
    # print(inp)
    ans = ['' for i in range(len(inp))]
    for j in range(0, len(inp), 64):
        for i in range(64):
            # swap input and output indices for the mixing/shuffling
            oind = j + P[i] - 1
            iind = j + i
            # subtract S offsets instead of adding
            # I add the extra 256 because sometimes modulo of negative numbers isn't nicely defined in languages, but it shouldn't be needed in Python 
            ans[iind] = chr((ord(inp[oind]) - S[i] + 256) % 256)
    ans = ''.join(ans)
    return ans


 if __name__ == '__main__':
    # enc = encode("hello, world")
    # print(enc)
    dec = decode("Wmkvw680HDzDqMK6UBXChDXCtC7CosKmw7R9w7JLwr/CoT44UcKNwp7DllpPwo3DtsOID8OPTcOWwrzDpi3CtMOKw4PColrCpXUYRhXChMK9w6PDhxfDicOdwoAgwpgNw5/Cvw==")
    print(dec)
	#!/usr/bin/env python3

	"""
	encode.pyc is a compiled python file.
	The first 2 bytes \x16\x0d == 3350 mean that it's a python3 file.
	Python3.4 throws a bad magic number error, but python3.5 works.
	After trying a couple python decompilers, I found that unpyc3 worked the best:
	```
	duck@computer:~/Downloads$ python3.5 ../unpyc3.py encode.pyc
	import random
	import base64
	P = [27, 35, 50, 11, 8, 20, 44, 30, 6, 1, 5, 2, 33, 16, 36, 64, 3, 61, 54, 25, 12, 21, 26, 10, 57, 53, 38, 56, 58, 37, 43, 17, 42, 47, 4, 14, 7, 46, 34, 19, 23, 40, 63, 18, 45, 60, 13, 15, 22, 9, 62, 51, 32, 55, 29, 24, 41, 39, 49, 52, 48, 28, 31, 59]
	S = [68, 172, 225, 210, 148, 172, 72, 38, 208, 227, 0, 240, 193, 67, 122, 108, 252, 57, 174, 197, 83, 236, 16, 226, 133, 94, 104, 228, 135, 251, 150, 52, 85, 56, 174, 105, 215, 251, 111, 77, 44, 116, 128, 196, 43, 210, 214, 203, 109, 65, 157, 222, 93, 74, 209, 50, 11, 172, 247, 111, 80, 143, 70, 89]
	inp = input()
	inp += ''.join(chr(random.randint(0, 47)) for _ in range(64 - len(inp) % 64))
	ans = ['' for i in range(len(inp))]
	for j in range(0, len(inp), 64):
	for i in range(64):
	ans[j + P[i] - 1] = chr((ord(inp[j + i]) + S[i]) % 256)
	ans = ''.join(ans)
	print(base64.b64encode(ans.encode('utf8')).decode('utf8'))
	```

	I've modified the encode into a function and created its accompanying decode function.

	Note: because the length of the cleartext isn't stored anywhere in the cipher text,
	the deciphered text will have a few garbage characters at the end.
	This doesn't matter to us because we can just eyeball the flag from the jibberish.
	"""

	import random
	import base64
	P = [27, 35, 50, 11, 8, 20, 44, 30, 6, 1, 5, 2, 33, 16, 36, 64, 3, 61, 54, 25, 12, 21, 26, 10, 57, 53, 38, 56, 58, 37, 43, 17, 42, 47, 4, 14, 7, 46, 34, 19, 23, 40, 63, 18, 45, 60, 13, 15, 22, 9, 62, 51, 32, 55, 29, 24, 41, 39, 49, 52, 48, 28, 31, 59]
	S = [68, 172, 225, 210, 148, 172, 72, 38, 208, 227, 0, 240, 193, 67, 122, 108, 252, 57, 174, 197, 83, 236, 16, 226, 133, 94, 104, 228, 135, 251, 150, 52, 85, 56, 174, 105, 215, 251, 111, 77, 44, 116, 128, 196, 43, 210, 214, 203, 109, 65, 157, 222, 93, 74, 209, 50, 11, 172, 247, 111, 80, 143, 70, 89]

	def encode(inp):
	# Padd inp with random characters for a length divisible by 64
	inp += ''.join(chr(random.randint(0, 47)) for _ in range(64 - len(inp) % 64))
	# ans will hold our encoded text
	ans = ['' for i in range(len(inp))]
	# For each block of 64 characters
	for j in range(0, len(inp), 64):
	# Iterate through each character in the block
	for i in range(64):
	# Two things happen here: First, the S list is used to shift individual characters
	# Second: the P list is used to mix/shuffle the characters in a block
	ans[j + P[i] - 1] = chr((ord(inp[j + i]) + S[i]) % 256)
	ans = ''.join(ans)
	return base64.b64encode(ans.encode('utf8')).decode('utf8')

	def decode(inp):
	# The decode operation is very similar to the encode operation
	inp = base64.b64decode(inp.encode("utf8")).decode("utf8")
	# print(inp)
	ans = ['' for i in range(len(inp))]
	for j in range(0, len(inp), 64):
	for i in range(64):
	# swap input and output indices for the mixing/shuffling
	oind = j + P[i] - 1
	iind = j + i
	# subtract S offsets instead of adding
	# I add the extra 256 because sometimes modulo of negative numbers isn't nicely defined in languages, but it shouldn't be needed in Python
	ans[iind] = chr((ord(inp[oind]) - S[i] + 256) % 256)
	ans = ''.join(ans)
	return ans


	if __name__ == '__main__':
	# enc = encode("hello, world")
	# print(enc)
	dec = decode("Wmkvw680HDzDqMK6UBXChDXCtC7CosKmw7R9w7JLwr/CoT44UcKNwp7DllpPwo3DtsOID8OPTcOWwrzDpi3CtMOKw4PColrCpXUYRhXChMK9w6PDhxfDicOdwoAgwpgNw5/Cvw==")
	print(dec)