Challenge Files#

We have two components:

1. convert.py - The encoder/encryption program that shows us the algorithm
2. ciphertext - The encrypted message we need to decrypt

How the Encryption Works#

Here’s the complete encoder program:

1
import sys
2
chars = ""
3
from fileinput import input
4
for line in input():
5
  chars += line
6

7
lookup1 = "\n \"#()*+/1:=[]abcdefghijklmnopqrstuvwxyz"
8
lookup2 = "ABCDEFGHIJKLMNOPQRSTabcdefghijklmnopqrst"
9

10
out = ""
11

12
prev = 0
13
for char in chars:
14
  cur = lookup1.index(char)
15
  out += lookup2[(cur - prev) % 40]
16
  prev = cur
17

18
sys.stdout.write(out)

Breaking down the algorithm:

1. Reading Input:

   1
   from fileinput import input
   2
   for line in input():
   3
     chars += line
   

   • fileinput.input() reads from files passed as command-line arguments (or stdin)
   • This loops through each line in the input file
   • All lines are concatenated into the chars variable
   • So if the plaintext file has multiple lines, they’re all combined into one string

2. The Lookup Tables:

   • lookup1 = \n "#()*+/1:=[]abcdefghijklmnopqrstuvwxyz (41 characters - valid plaintext alphabet)
   • lookup2 = ABCDEFGHIJKLMNOPQRSTabcdefghijklmnopqrst (40 characters - valid ciphertext alphabet)

3. Differential Encoding Process:

   • For each character in the input plaintext:
     • Find its position in lookup1 (call this cur)
     • Calculate the difference from the previous position: (cur - prev) % 40
     • Use this difference as an index into lookup2 to get the encrypted character
     • Save the current position as prev for the next iteration

4. The “Cyclical” Part:

   • The modulo 40 operation wraps differences around, creating a cyclic pattern
   • This is why it’s called the “Custom Cyclical Cipher”

Example Walkthrough#

Let’s say we’re encrypting “ab”:

• First character ‘a’:

  • Index in lookup1: 33
  • prev = 0
  • difference = (33 - 0) % 40 = 33
  • lookup2[33] = ‘h’
  • Output: ‘h’, prev = 33

• Second character ‘b’:

  • Index in lookup1: 34
  • prev = 33
  • difference = (34 - 33) % 40 = 1
  • lookup2[1] = ‘B’
  • Output: ‘B’, prev = 34

• Final ciphertext: “hB”

The Encrypted Message#

1
DLSeGAGDgBNJDQJDCFSFnRBIDjgHoDFCFtHDgJpiHtGDmMAQFnRBJKkBAsTMrsPSDDnEFCFtIbEDtDCIbFCFtHTJDKerFldbFObFCFtLBFkBAAAPFnRBJGEkerFlcPgKkImHnIlATJDKbTbFOkdNnsgbnJRMFnRBNAFkBAAAbrcbTKAkOgFpOgFpOpkBAAAAAAAiClFGIPFnRBaKliCgClFGtIBAAAAAAAOgGEkImHnIl

This is what we need to decrypt.

Reversing the Encryption#

Since encryption uses only addition and modulo, it’s easily reversible:

Encryption: difference = (cur - prev) % 40 → lookup2[difference]

Decryption: We reverse this:

• Find the encrypted character in lookup2 to get the difference
• Add the difference to prev: cur = (difference + prev) % 40
• Look up the character in lookup1
• Update prev for the next character

Decryption Script#

1
lookup1 = "\n \"#()*+/1:=[]abcdefghijklmnopqrstuvwxyz"
2
lookup2 = "ABCDEFGHIJKLMNOPQRSTabcdefghijklmnopqrst"
3

4
ciphertext = "DLSeGAGDgBNJDQJDCFSFnRBIDjgHoDFCFtHDgJpiHtGDmMAQFnRBJKkBAsTMrsPSDDnEFCFtIbEDtDCIbFCFtHTJDKerFldbFObFCFtLBFkBAAAPFnRBJGEkerFlcPgKkImHnIlATJDKbTbFOkdNnsgbnJRMFnRBNAFkBAAAbrcbTKAkOgFpOgFpOpkBAAAAAAAiClFGIPFnRBaKliCgClFGtIBAAAAAAAOgGEkImHnIl"
5

6
plaintext = ""
7
prev = 0
8

9
for char in ciphertext:
10
    # Step 1: Find the difference from lookup2
11
    diff = lookup2.index(char)
12

13
    # Step 2: Calculate the original index
14
    cur = (diff + prev) % 40
15

16
    # Step 3: Get the plaintext character
17
    plaintext += lookup1[cur]
18

19
    # Step 4: Update prev for next iteration
20
    prev = cur
21

22
print(plaintext)

Running the Script#

1
$ python decrypt.py ciphertext
2
#asciiorder
3
#fortychars
4
#selfinput
5
#pythontwo
6

7
chars = ""
8
from fileinput import input
9
for line in input():
10
    chars += line
11

12
for i in range(len(chars)):
13
    if i == b * b * b:
14
        print chars[i] #prints
15
        b += 1 / 1

Understanding the Decrypted Output#

The decrypted text is actually a Python script! Looking at it carefully:

• Comments: #asciiorder, #fortychars, #selfinput, #pythontwo
• A loop that prints characters at specific positions: where i == b * b * b

This means it prints at positions: 1³=1, 2³=8, 3³=27, 4³=64, 5³=125, 6³=216… (perfect cubes!)

Fixing the Script#

The decrypted script had some issues (using / instead of proper integer, old Python 2 syntax):

1
#asciiorder
2
#fortychars
3
#selfinput
4
#pythontwo
5

6
chars = ""
7
from fileinput import input
8
for line in input():
9
    chars += line
10

11
b = 1
12

13
for i in range(len(chars)):
14
    if i == b * b * b:
15
        print(chars[i], end='')  # Fixed: Python 3 syntax
16
        b += 1

Changes made:

1. Changed b = 1 / 1 to b = 1 (proper integer)
2. Changed print chars[i] to print(chars[i], end='') (Python 3 syntax)
3. Changed b += 1 / 1 to b += 1 (proper increment)

Extracting the Flag#

Running the fixed script extracts characters at cube positions:

• Position 1 (1³): ‘a’
• Position 8 (2³): ‘d’
• Position 27 (3³): ‘l’
• Position 64 (4³): ‘i’
• Position 125 (5³): ‘b’
• Position 216 (6³): ‘s’

The hidden flag: adlibs

1
$ cat decrypted.txt | python solve.py
2
adlibs

âš¡ Raikiri

🎉 Flag pwned!

Final answer: picoCTF{adlibs}

💡 TL;DR / Lesson Learned

✅ Differential Encoding - Encrypting based on differences between consecutive positions
✅ Lookup Tables - Using predefined character mappings for substitution
✅ Modular Arithmetic - The % 40 creates the cyclic behavior
✅ Stateful Cipher - The cipher maintains state (prev) affecting each character
✅ Reversible Operations - Addition and modulo are easily reversed for decryption
✅ Layered Puzzles - The plaintext itself contains another puzzle (cube position extraction)