Bits and Bytes Security

Hack The Box / Challenges / Crypto / Bank Heist

Using the following code we map the phone key pad to letters:

msg = """444333 99966688 277733 7773323444664 84433 22244474433777, 99966688 277733 666552999. 99966688777 
777744277733 666333 84433 443344477778 4447777 44466 99966688777 4466688777733. 84433 5533999 8666 84433 
55566622255 4447777 22335556669. 4666 8666 727774447777.

47777888 995559888 4555 47777888 44999988 666555997 : 8555444888477744488866888648833369!!"""

phone = [
    ('C',	'222'),
    ('B',	'22'),
    ('A',	'2'),
    ('F',	'333'),
    ('E',	'33'),
    ('D',	'3'),
    ('I',	'444'),
    ('H',	'44'),
    ('G',	'4'),
    ('L',	'555'),
    ('K',	'55'),
    ('J',	'5'),
    ('O',	'666'),
    ('N',	'66'),
    ('M',	'6'),
    ('S',	'7777'),
    ('R',	'777'),
    ('Q',	'77'),
    ('P',	'7'),
    ('V',	'888'),
    ('U',	'88'),
    ('T',	'8'),
    ('Z',	'9999'),
    ('Y',	'999'),
    ('X',	'99'),
    ('W',	'9')
]

text = ""
while len(msg):
    found=False
    for c, n in phone:
	    if not (msg.find(n) == 0):
		    continue
	    text += c
	    msg = msg[len(n):]
	    found=True
	    break
    if not found:
	    text += msg[0]
	    msg = msg[1:]

print(text)
print("msg=",msg)

This leads to the following message:

IF YOU ARE READING THE CIPHER, YOU ARE OKAY. YOUR SHARE OF THE HEIST IS IN YOUR HOUSE. THE KEY TO THE LOCK 
IS BELOW. GO TO PARIS.

GSV XLWV GL GSV HZU OLXP : TLIVGRIVNVMGUFMW!!

Which contains another ciphertext in the second line. Looking at it seems like a classical cipher (we’ve a repeating 3 letter word, the ponctuation characters are not encrypted) After trying ceasar, rot, and mono-alphabetic crackers I got luck with Affine cipher.

The Affine cipher uses the following formula to cipher x:

y = Ax + B mod 26

Also, a message encrypted by Affine has a coincidence index close to the plain text language’s one. So it would be smart to calculate this CI prior to testing different ciphers: 0.06218 and English text has a value of 0.0667!

Anyway, cracking the Affine cipher using dcode.fr tools we get the following message:

A=25,B=25	THE CODE TO THE SAF LOCK : GORETIREMENTFUND!!

There it is!