MayADevBe Blog

A Blog about Computer Science

Krypton Level 3 -> 4 - OverTheWire Walkthrough

Login

SSH: ssh krypton3@krypton.labs.overthewire.org -p 2231

Task

In the previous exercise you were able to introduce arbitrary plaintext to expose the key. In this example, the cipher mechanism is not available to you, the attacker.

However, you have been lucky. You have intercepted more than one message. The password to the next level is found in the file ‘krypton4’. You have also found 3 other files. (found1, found2, found3)

You know the following important details:

  • The message plaintexts are in English (*** very important)
  • They were produced from the same key (*** even better!)

A little bit of Theory

The problem with using one key repeatedly on a block of letters is that it leaves a pattern. The more text is encrypted with the same key, the easier the pattern is to find. This means we can guess the key by looking for the most frequent character in the ciphertext and assuming it stands for the letter used most often in the language of the plaintext. A quick search tells us that for English this is the letter ’e’.

This is based on letter frequency and its entropy, and it is what frequency analysis uses. Frequency analysis is a method to break classical ciphers. Basically, you count all letters (sometimes also combinations of letters) and, based on how often they appear, assign them in order to the most frequent letters of the language.

Solution

We start by looking at the folder.

krypton3@krypton:~$ cd /krypton/krypton3
krypton3@krypton:/krypton/krypton3$ ls -la
total 36
drwxr-xr-x 2 root     root     4096 May 19  2020 .
drwxr-xr-x 8 root     root     4096 May 19  2020 ..
-rw-r----- 1 krypton3 krypton3 1542 May 19  2020 found1
-rw-r----- 1 krypton3 krypton3 2128 May 19  2020 found2
-rw-r----- 1 krypton3 krypton3  560 May 19  2020 found3
-rw-r----- 1 krypton3 krypton3   56 May 19  2020 HINT1
-rw-r----- 1 krypton3 krypton3   37 May 19  2020 HINT2
-rw-r----- 1 krypton3 krypton3   42 May 19  2020 krypton4
-rw-r----- 1 krypton3 krypton3  785 May 19  2020 README

Looking at the ‘README’ and ‘foundX’ files, we have some ciphertext. We use frequency analysis to figure out the plaintext: for each letter (for i in {A..Z}), we keep only its occurrences (tr -cd $i) across all three files (cat found1 found2 found3) and then count the characters (wc -c).

krypton3@krypton:/krypton/krypton3$ for i in {A..Z}; do printf $i; cat found1 found2 found3 | tr -cd $i | wc -c; done
A55
B246
C227
D210
E64
F28
G227
H4
I19
J301
K67
L60
M86
N240
O12
P2
Q340
R4
S456
T75
U257
V130
W129
X71
Y84
Z132

Now we just make the output nicer and sort it (sort -nr), with the highest counts first:

for i in {A..Z}; do cat found1 found2 found3 | tr -cd $i | wc -c | tr -d '\n'; printf " $i \n"; done | sort -nr
456 S
340 Q
301 J
257 U
246 B
240 N
227 G
227 C
210 D
132 Z
130 V
129 W
86 M
84 Y
75 T
71 X
67 K
64 E
60 L
55 A
28 F
19 I
12 O
4 R
4 H
2 P

Now, we see that the letter S appears most often with 456 occurrences. So let’s assume the encryption is ‘E -> S’ (because ‘E’ is the most frequent letter in English). Now we look for a frequency list of letters for the English language online and get:

  • Freq list: ETAOINSRHDLUCMFYWGPBVKXQJZ
  • Cipher text: SQJUBNGCDZVWMYTXKELAFIORHP

Lastly, we map these letters to each other (like in previous levels):

krypton3@krypton:/krypton/krypton3$ cat krypton4 | tr 'SQJUBNGCDZVWMYTXKELAFIORHP' 'ETAOINSRHDLUCMFYWGPBVKXQJZ'
WELLU ISEAH ELEKE LYICN MTOOW INURO BNCAE

We can see from the result that this does not work. Now, we could look at the relationship between letters. The website https://www3.nd.edu/~busiforc/handouts/cryptography/cryptography%20hints.html has some hints. However, I just tried slightly changing the order of the frequency list until the small text made sense. The frequency list is just an approximation. It is not guaranteed to be in exactly the right order, especially because we only have a small text to count. This is because the counts depend on the variation of letters and words used in the text that we analyse. So here is the correct order:

krypton3@krypton:/krypton/krypton3$ cat krypton4 | tr 'SQJUBNGCDZVWMYTXKELAFIORHP' 'EATSORNIHCLDUPYFWGMBKVXQJZ'
WELLD ONETH ELEVE LFOUR PASSW ORDIS XXXXX
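
The same analysis as reusable shell functions, as an added example that is not part of the original walkthrough: it counts letters in one pass, builds the tr key, and shows the swap step on a constructed three-letter ciphertext. The function names (cipher_order, decode_with, swap_guess) and the sample text are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: helper names and the toy ciphertext are constructed for illustration.
export LC_ALL=C   # byte-wise A-Z ranges and sorting

# Standard English frequency order, as quoted in the walkthrough.
ENGLISH='ETAOINSRHDLUCMFYWGPBVKXQJZ'

# cipher_order: read ciphertext on stdin and print its letters as one string,
# most frequent first. One pass over the data instead of 26 tr/wc runs.
cipher_order() {
  tr -cd 'A-Z' | fold -w1 | sort | uniq -c | sort -nr |
    awk '{ printf "%s", $2 } END { print "" }'
}

# decode_with CIPHER_ORDER GUESS: replace the n-th ciphertext letter with the
# n-th letter of the guessed plaintext order (surplus guess letters are ignored).
decode_with() {
  tr "$1" "$2"
}

# swap_guess GUESS X Y: exchange two plaintext letters in a guess, which is the
# manual "change the order until the text makes sense" step.
swap_guess() {
  printf '%s\n' "$1" | tr "$2$3" "$3$2"
}

# Constructed toy ciphertext: "A TEE A TEE A TEA" with E->S, A->Q, T->J.
SAMPLE='Q JSS Q JSS Q JSQ'

demo() {
  order=$(printf '%s\n' "$SAMPLE" | cipher_order)
  echo "cipher order: $order"
  echo "first guess:  $(printf '%s\n' "$SAMPLE" | decode_with "$order" "$ENGLISH")"
  fixed=$(swap_guess "$ENGLISH" T A)
  echo "after swap:   $(printf '%s\n' "$SAMPLE" | decode_with "$order" "$fixed")"
}
demo

# On the level itself the same functions would be used as:
#   order=$(cat found1 found2 found3 | cipher_order)
#   decode_with "$order" "$ENGLISH" < krypton4
```

In the toy sample the true frequency order is E, A, T rather than the textbook E, T, A, so the first guess decodes to gibberish and a single swap of T and A fixes it, which is the same kind of correction made to the key above.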

https://overthewire.org/wargames/krypton/krypton3.html

