the floor is java

Description

CTF: Whitehacks 2022

Author: xbowery

Difficulty: Easy

We found some weird message that was accompanied within this file, can you decode this message and unlock the flag?

Reverse.class

message.txt

Solution

Pwned by @skytect (opens in a new tab)

We get a compiled Reverse.class file, so let's decompile it to get the source code. We can do this at jdec.app (opens in a new tab).

After that, we get this source code:

/* Decompiler 123ms, total 1639ms, lines 82 */
import java.util.Scanner;
 
public class Reverse {
    public static String encode_1(String var0) {
        String[] var1 = var0.split("");
        String var2 = "";
 
        int var3;
        for (var3 = 0; var3 < var0.length(); var3 += 2) {
            var2 = var2 + var1[var3];
        }
 
        for (var3 = 1; var3 < var0.length(); var3 += 2) {
            var2 = var2 + var1[var3];
        }
 
        return var2;
    }
 
    public static String encode_2(String var0) {
        char[] var1 = var0.toCharArray();
        int[] var2 = new int[] { 39, 18, 16, 3, 2, 10, 14, 4, 11, 37, 8, 5, 6, 31, 9, 12 };
        int var3 = var2.length;
 
        for (int var4 = 0; var4 < var1.length; ++var4) {
            var1[var4] = (char) (var1[var4] - var2[var4 % var3]);
        }
 
        String var6 = "";
 
        for (int var5 = 0; var5 < var1.length; ++var5) {
            var6 = var6 + var1[var5];
        }
 
        return var6;
    }
 
    public static String encode_3(String var0) {
        String[] var1 = var0.split("");
        String var2 = "";
 
        int var3;
        for (var3 = var0.length() / 2; var3 < var0.length(); ++var3) {
            var2 = var2 + var1[var3];
        }
 
        for (var3 = 0; var3 < var0.length() / 2; ++var3) {
            var2 = var2 + var1[var3];
        }
 
        return var2;
    }
 
    public static String encode_4(String var0) {
        char[] var1 = var0.toCharArray();
 
        int var3;
        for (int var2 = 0; var2 < var0.length() / 2; ++var2) {
            var3 = var0.length() - var2 - 1;
            char var4 = var1[var2];
            var1[var2] = var1[var3];
            var1[var3] = var4;
        }
 
        String var5 = "";
 
        for (var3 = 0; var3 < var1.length; ++var3) {
            var5 = var5 + var1[var3];
        }
 
        return var5;
    }
 
    public static void main(String[] var0) {
        Scanner var1 = new Scanner(System.in);
        System.out.print("Enter your string: ");
        String var2 = var1.nextLine();
        var1.close();
        System.out.println(encode_3(encode_4(encode_1(encode_2(var2)))));
    }
}

We can attempt to manually reverse engineer this. I did it using this python script:

cipher = ",hj*Y/bOi-(Tm0\"0qH,O[d2!'@qG-(-6"
print(cipher)
 
# encode_3
front = cipher[:len(cipher)//2]
back = cipher[len(cipher)//2:]
cipher = back + front
print(cipher)  # qH,O[d2!'@qG-(-6,hj*Y/bOi-(Tm0"0
 
# encode_4
front = cipher[:len(cipher)//2]
back = cipher[len(cipher)//2:]
cipher = ''.join([*reversed(back), *reversed(front)])
print(cipher)  # 0"0mT(-iOb/Y*jh,6-(-Gq@'!2d[O,Hq
 
# encode_1
x = ''
for i in range(len(cipher) // 2):
    x += cipher[i]
    x += cipher[len(cipher)//2+i]
cipher = x
print(cipher)  # 06"-0(m-TG(q-@i'O!b2/dY[*Oj,hH,q
 
# encode_2
x = ''
k = [39, 18, 16, 3, 2, 10, 14, 4, 11, 37, 8, 5, 6, 31, 9, 12]
for i, c in enumerate(cipher):
    x += chr(ord(c) + k[i % len(k)])
print(x)  # WH2022{1_l0v3_r3v3r51ng_5tr1ng5}

WH2022{1_l0v3_r3v3r51ng_5tr1ng5}

Puddi Puddi Bug Bug Infestation