Blog about life.

OlympicCTF: Binathlon 400 write-up

This task was unusual and old school.

So we got .tap file, obviously it’s a tape for ZX Spectrum. Let’s load it and check what it contains. I used Unreal Speccy because it is free and it has a built-in debugger.

After loading we will see a typical crackme with nice music. At the center we can see some random pixels, probably the flag will be displayed there.

Let’s enter a password there:

Now we can save the .SNA (full dump of memory) file for our analysis. We can load the ZX .sna file to IDA PRO using following parameters:

According to the .SNA format description offset 0x17 contains “entry point”: 0x5FFA

After a short analysis we can spot entered password at 0x810B:

We can set a Read Memory Access breakpoint to this address via Unreal Speccy (Press ESC for debugger and then ALT+C for Breakpoint Manager)

Debugger hits at 0x61B0:

As we can see register DE contains a pointer to our password.

Let’s do some analysis:

So basically it calculates some a 16-bit hash of entered password. Afterwards it tries to decrypt 0x100 bytes at 0x60A9 using the hash as key value.

To figure out the algo we can ask google for the constants we see used in the cryptographic code: 0x3720, 0xC6EF, 0x79B9, 0x9E37. And the answer is TEA.

Since the hash based on our password is limited to 0xFFFF combinations, we can try to decrypt the data using all possible keys.

This slow python script generates all the possible keys and saves the decrypted data to a separate file for each key. After running it we will have 65535 files. But how to detect which file contains the right data?

Since the decrypted data is used for drawing, I work off the assumption that it contains a lot of identical bytes like 0x00 or 0xFF. To check this theory we should calculate the entropy of every file. The file with the lowest entropy is likely the correct answer.

To check entropy we can use tools like Ent or modify the python script to calculate the entropy of the decrypted data for every key.

But if you are lazy like me then you can just compress it with WinRAR using solid compression. The file that has the best compression has the lowest entropy:

Let’s set the HL register to 0x7DFB and check what happens:

Yep, it’s the flag.

Thanks to MSLC for the awesome task.