Author: Basse
Name: Monoalphabetic Substitution Cipher

Tools:
The program itself of course
Notepad
Brain (A little bit of Zen feeling and thinking ;)

First of all i like to say that i haven't debugged this program in any way :)
When i opened it i saw that it looked like the "Caesar Encryption" ;)
What do i mean with the "Caesar Encryption"?
That means that the letters of the Alphabet are replaced with other letters from the Alphabet.
Like this:

ABCDEFGHIJKLMNOPQRSTUVWXYZ
DEFGHIJKLMNOPQRSTUVWXYZABC

See? So if we got for example this Encrypted message:

KHOOR

That would Decrypt (With the above Alphabet) to:

HELLO

This method was used by Caesar to Encrypt important messages, and only those could read it that had the key to Decrypt it. So other people couldn't read it :)

Now this was a little introduction, let's get to the program :)
We actually only need the Encrypted file "message.txt" because it holds everything we need ;)
So unzip it to your Desktop for example (For quick access) and open it, you should see this:

-------------------------------------------------------------------------------------------------
CDBEJXMQIXMPDBL!
VDQ KDQBR MZA CDJJACM NAV FZJXLA "CJXCNAJW NAAF DB CJXCNPBE".
YQM MZAJA LZDQIR YA X YPM GDJA MAUM MD GXNA PM CJXCNXYIA.
IAM'L FXLMA LDGA MAUM KJDG TPB32.ZIF
XB XFFIPCXMPDB LABRL GALLXEAL MD XB XBPGXMPDB CDBMJDI MD DFAB, FIXV, LMDF, XBR CIDLA MZA CDJJALFDBRPBE XSP CIPF.
AXCZ GALLXEA ZXL DBA DJ GDJA GXCJDL MZXM VDQ CXB QLA PBLMAXR DK LABRPBE MZA GALLXEA AUFIPCPMIV.
XKMAJ CJAXMPBE XB XBPGXMPDB CDBMJDI, XB XFFIPCXMPDB LABRL MZA XCG_DFAB GALLXEA MD DFAB XB XSP CIPF XBR IDXR PM PBMD GAGDJV.
MZA GALLXEA LFACPKPAL APMZAJ MZA FXMZ DK XB .XSP KPIA DJ MZA BXGA DK XB XSP JALDQJCA.
MZA LVLMAG IDXRL MZA XSP JALDQJCA KJDG MZA GDRQIA MZXM CJAXMAR MZA XBPGXMPDB CDBMJDI.
PK MZA XBPGXMPDB CDBMJDI ZXL MZA XCL_XQMDFIXV LMVIA, MZA CDBMJDI YAEPBL FIXVPBE MZA XSP CIPF PGGARPXMAIV XKMAJ MZA .XSP KPIA DJ XSP JALDQJCA PL DFABAR.
DMZAJTPLA, XB XFFIPCXMPDB CXB QLA MZA XCG_FIXV GALLXEA MD LMXJM MZA XSP CIPF.
XB XFFIPCXMPDB CXB LMDF MZA CIPF XM XBV MPGA YV LABRPBE MZA XCG_LMDF GALLXEA.
MZA IXLM KJXGA FIXVAR JAGXPBL RPLFIXVAR TZAB MZA CDBMJDI KPBPLZAL FIXVPBE MZA XSP CIPF DJ TZAB XCG_LMDF PL LABM.
XB XBPGXMPDB CDBMJDI CXB LABR MTD BDMPKPCXMPDB GALLXEAL, XCB_LMXJM XBR XCB_LMDF, MD PML FXJABM TPBRDT.
GDLM XFFIPCXMPDBL RD BDM ZXBRIA APMZAJ BDMPKPCXMPDB.
MD CIDLA MZA .XSP KPIA DJ XSP JALDQJCA XBR JAGDSA PM KJDG GAGDJV, XB XFFIPCXMPDB CXB QLA MZA XBPGXMA_CIDLA GXCJD, TZPCZ LABRL XCG_DFAB TPMZ MZA KPIABXGA DJ JALDQJCA BXGA LAM MD BQII.
P RDB'M FQM GV BXGA ,YXLLA, XM MZA ABR , P MZPBN...:-)
XYCCR
-------------------------------------------------------------------------------------------------

At first sight, looks like sh*t no? :)
But you can already see that it only contains Alphabetic letters. (Ok, some other chars like : . - _ etc).
Now how are we going to proceed with this?

Let me tell you something, some years back i tried to find a lot of cheats for games with just my Hex Editor :)
I opened the .exe's and searched for any "weird" kind of strings.
I remember Turok 2 (I believe it was 2) for example. It had some weird strings which were "probably" the cheats, but they weren't readable (Why did i think these were the Cheats? because they only hold the letters of the Alphabet, no weird chars).
So then you proceed like this: create the Alphabet (ABCDEFGHIJKLMNOPQRSTUVWXYZ) and then try to create valid readable strings out of those unreadable strings by replacing those letters with other letters from the Alphabet.
Most of the time (At least for those games) there was some logic in it (Like i shown in the above example, where the letters are moved 3 places to the left).
So then you start replacing the letters with other letters, but because of the logic you can also replace the other letters.
If something readable comes out of it, then we got the correct letter combination :)
But sometimes the logic is pretty weird as with Turok 2 ;) (But there was a logic...)

So, now i actually have already explained the kind of attack we're going to use with this Encryption.
Let's examine the first 2 lines of the Encrypted file "message.txt":

-------------------------------------------------------------------------------------------------
CDBEJXMQIXMPDBL!
VDQ KDQBR MZA CDJJACM NAV FZJXLA "CJXCNAJW NAAF DB CJXCNPBE".
-------------------------------------------------------------------------------------------------

Hmm, notice the "!" and """ and ".", looks already like there could be a normal line when Decrypted ;)
Especially notice the "!" at the first line. It looks like some sort of scream or heavy expression hehe, so what could it be? :)
You must also think that when we Decrypted this file we should probably get something like: "Great! you solved it."
But "Great!" is too small, so i immediately thought about "Congratulations!" or something similar.
And guess what? "Congratulations!" has the same size as the Encrypted line :)
So we got a start, why not try it? We got this now:

-------------------------------------------------------------------------------------------------
CDBEJXMQIXMPDBL!
congratulations!
-------------------------------------------------------------------------------------------------

Encrypted   Decrypted
    C     =     c
    D     =     o
    B     =     n
    E     =     g
    J     =     r
    X     =     a
    M     =     t
    Q     =     u
    I     =     l
    X     =     a
    M     =     t
    P     =     i
    D     =     o
    B     =     n
    L     =     s
    !     =     !
(These chars keep the same, because we only use Alphabetic letters)

First create the Alphabet normally: ABCDEFGHIJKLMNOPQRSTUVWXYZ
then write below this Alphabet the letters from the Encrypted word with the corresponding letters from the Alphabet, and we get this:

ABCDEFGHIJKLMNOPQRSTUVWXYZ
 NCOG   LR ST  IU      A

We already got quite some letters :)
Btw, i already make them all UPPERCASE it doesn't matter very much ;)
This means now that we can already replace some letters with the correct letters in the second Encrypted line.
So now we can create this:

-------------------------------------------------------------------------------------------------
VDQ KDQBR MZA CDJJACM NAV FZJXLA "CJXCNAJW NAAF DB CJXCNPBE".
 OU  OUN  T   CORR CT       RAS  "CRAC  R       ON CRAC ING".
-------------------------------------------------------------------------------------------------

Hmm... Now we need to find other words so we can add other letters to our Alphabet :)
Notice the 4th (CORR CT) and the 10th (CRAC ING) words?
These are almost complete and also it's very obvious what they should be ;)
So that means that we can add 2 other letters to our Alphabet, namely:

A = E (From CORRECT)
N = K (From CRACKING)

Now our Alphabet looks like this:

ABCDEFGHIJKLMNOPQRSTUVWXYZ
ENCOG   LR STK IU      A

And now we can also expand our Decrypted second line a little more, we got this now:

-------------------------------------------------------------------------------------------------
VDQ KDQBR MZA CDJJACM NAV FZJXLA "CJXCNAJW NAAF DB CJXCNPBE".
 OU  OUN  T E CORRECT KE    RASE "CRACKER  KEE  ON CRACKING".
-------------------------------------------------------------------------------------------------

It's becoming more and more a readable line :)
Now notice these 2 words: "CRACKER " and "KEE ".
Obviously the first word will become "CRACKERS" so that means that W = S.
And the second word will become "KEEP" (Because of that whole line, CRACKERS KEEP ON CRACKING) so that means that F = P.
Let's add these 2 letters to our Alphabet:

ABCDEFGHIJKLMNOPQRSTUVWXYZ
ENCOGP  LR STK IU     SA

Hmm.. notice that S appears two times? :)
Let's Decrypt the second line a little more:

-------------------------------------------------------------------------------------------------
VDQ KDQBR MZA CDJJACM NAV FZJXLA "CJXCNAJW NAAF DB CJXCNPBE".
 OU  OUN  T E CORRECT KE  P RASE "CRACKERS KEEP ON CRACKING".
-------------------------------------------------------------------------------------------------

Now let's take the 2 words "KE " and "P RASE".
If you've opened the program itself you saw that it asks for a "Key Phrase" guess what? ;)
We can add 2 more letters namely:

V = Y
Z = H

Our Alphabet gets bigger:

ABCDEFGHIJKLMNOPQRSTUVWXYZ
ENCOGP  LR STK IU    YSA H

And our second line gets more Decrypted:

-------------------------------------------------------------------------------------------------
VDQ KDQBR MZA CDJJACM NAV FZJXLA "CJXCNAJW NAAF DB CJXCNPBE".
YOU  OUN  THE CORRECT KEY PHRASE "CRACKERS KEEP ON CRACKING".
-------------------------------------------------------------------------------------------------

Just 2 more letters to go, and i think you can already guess what they are... ;)
Yes the second word will be "FOUND" so that means:

K = F
R = D

Our Alphabet:

ABCDEFGHIJKLMNOPQRSTUVWXYZ
ENCOGP  LRFSTK IUD   YSA H

And now we Decrypted the second line completely:

-------------------------------------------------------------------------------------------------
VDQ KDQBR MZA CDJJACM NAV FZJXLA "CJXCNAJW NAAF DB CJXCNPBE".
YOU FOUND THE CORRECT KEY PHRASE "CRACKERS KEEP ON CRACKING".
-------------------------------------------------------------------------------------------------

whoohoo :P
It's also nice that this line says the correct Key Phrase "CRACKERS KEEP ON CRACKING".
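
The guess-and-propagate steps above, replayed in code. This is an added example, not part of the original write-up or of Basse's program; the function names are made up here. It also reports when a guess would give one plaintext letter to two ciphertext letters, which is the doubled S noticed in the alphabet above.

```python
import string

# First two lines of message.txt, copied from the write-up.
LINE1 = "CDBEJXMQIXMPDBL!"
LINE2 = 'VDQ KDQBR MZA CDJJACM NAV FZJXLA "CJXCNAJW NAAF DB CJXCNPBE".'


def extend(mapping, cipher, guess):
    """Add cipher->plain pairs from a guessed word. Returns the conflicts
    found; a conflicting pair is reported and not stored."""
    if len(cipher) != len(guess):
        raise ValueError("guess and ciphertext differ in length")
    conflicts = []
    for c, p in zip(cipher.upper(), guess.upper()):
        if c not in string.ascii_uppercase:
            continue  # punctuation and digits are not enciphered
        other = next((k for k, v in mapping.items() if v == p and k != c), None)
        if mapping.get(c, p) != p:
            conflicts.append(f"{c} already decrypts to {mapping[c]}, not {p}")
        elif other is not None:
            conflicts.append(f"{other} already decrypts to {p}, so {c}={p} clashes")
        else:
            mapping[c] = p
    return conflicts


def partial(mapping, text):
    """Decrypt known letters, leave a blank for unknown ones."""
    return "".join(mapping.get(ch, " ") if ch in string.ascii_uppercase else ch
                   for ch in text)


def walkthrough():
    """Replay the first guesses from the write-up and return each stage."""
    mapping = {}
    extend(mapping, LINE1, "CONGRATULATIONS!")
    stage1 = partial(mapping, LINE2)
    extend(mapping, "CDJJACM", "CORRECT")
    extend(mapping, "CJXCNPBE", "CRACKING")
    stage2 = partial(mapping, LINE2)
    return mapping, stage1, stage2


if __name__ == "__main__":
    m, s1, s2 = walkthrough()
    print(LINE2, s1, s2, sep="\n")
    print(extend(m, "CJXCNAJW", "CRACKERS"))
```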
Now if you would enter this in the program itself to Decrypt this file "message.txt" then it gets Decrypted completely, but due to a bug it doesn't Decrypt correctly :)
You can also continue to Decrypt the other lines of the Encrypted text by using (And every time expanding) our Alphabet :)

Maybe now you're wondering "What's the logic behind this Alphabet?".
Well, to be honest at the time i'm writing this, i discovered the logic (And the bug!) ;))
Because we got the Key Phrase "CRACKERS KEEP ON CRACKING", now write below of it the letters we found from our Alphabet:

CRACKERS KEEP ON CRACKING
CDECFGD  FGGI  K CDECFLK

If you remove the repeating letters we get this:

CDEFGIKL

As you can see we miss a few letters namely: HJ and M (The M because of the last G in the Key Phrase)
Hmm looks like a nice Alphabet form :)
So the first letter of the Key Phrase will be the starting point in the Alphabet.
Then every different letter in the Key Phrase will get the next letter of the Alphabet.
So if it would begin with C it gets the letter C, but if further in the Key Phrase the C appears again it will still hold the letter C, and not D :)
We can put the missing letters above with the right letter from the Key Phrase which will be:

S = H
O = J
G = M

But what about the other letters which are not in the Key Phrase but they exist in the Encrypted message?
With a little bit of looking and logical thinking i saw that it just continues with the Alphabet and starts at the beginning of the Alphabet.
So that means we ended up with the combination G = M.
The next "unused" letter in the Alphabet is B (It doesn't appear in the Key Phrase). So that makes B = N
Then the next letter is D (Not used in the Key Phrase). Which will become D = O (And that's true as we found that while Decrypting).
And so on... :)
Btw: the "spaces" in the Key Phrase are just discarded (Like i said before it only uses the letters of the Alphabet).
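
The key-phrase rule worked out above, written as code. This is an added example, not Basse's implementation; the function names are made up here, and starting the row at the first key letter is the write-up's inference. For this key phrase it produces the same 26-letter row the program displays (quoted further down), and it lists the ciphertext letters where that row and the hand-built alphabet differ.

```python
import string

ALPHA = string.ascii_uppercase
# Cipher->plain letters recovered by hand in the walkthrough, written under
# A..Z exactly as in the last alphabet row above (blank = not yet known).
HAND_ROW = "ENCOGP  LRFSTK IUD   YSA H"


def keyed_alphabet(key_phrase):
    """Distinct key letters in order, then the unused letters A..Z, laid out
    so the first key letter lands at its own position and the tail wraps."""
    letters = [c for c in key_phrase.upper() if c in ALPHA]
    if not letters:  # e.g. the key phrase " " from Bug 1
        raise ValueError("key phrase contains no letters")
    seq = list(dict.fromkeys(letters))
    seq += [c for c in ALPHA if c not in seq]
    start = ALPHA.index(letters[0])
    return "".join(seq[(i - start) % 26] for i in range(26))


def decrypt(text, key_phrase):
    """Read each ciphertext letter off the keyed row; keep everything else."""
    table = {c: ALPHA[i] for i, c in enumerate(keyed_alphabet(key_phrase))}
    return "".join(table.get(ch, ch) for ch in text.upper())


def disagreements(key_phrase, hand_row=HAND_ROW):
    """Ciphertext letters where the keyed row and the hand-built row differ."""
    table = {c: ALPHA[i] for i, c in enumerate(keyed_alphabet(key_phrase))}
    return sorted(c for c, p in zip(ALPHA, hand_row)
                  if p != " " and table[c] != p)


if __name__ == "__main__":
    key = "CRACKERS KEEP ON CRACKING"
    print(keyed_alphabet(key))
    print(decrypt("CDBEJXMQIXMPDBL!", key))
    print(disagreements(key))
```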

And now about the bug, because the message doesn't get Decrypted correctly with this Key Phrase.
Why's that? As you can see above we found that H belongs to the letter S from the Key Phrase.
But in our Alphabet we found that H also belongs to the letter Z.
And earlier we found that the S appears twice in our Alphabet. Kinda weird huh? ;)
Ok, while i looked a bit at the whole stuff it started to get a little fuzzy ;)
Or maybe it's just that i'm a little tired now, i should get some sleep :P
The Decryption gets totally messed up and doesn't work anymore like the logic we found.
I'm gonna sleep.

The next Day...

Whoah, man i slept good heh ;)
I decided to check the program itself to see if there was anything that could be helpful to explain this bug, and there was something ;)
Open the program and then Decrypt the file "message.txt" with the Key Phrase: "CRACKERS KEEP ON CRACKING" (Without the quotes).
Now notice in the top right corner the Alphabet.

-------------------------------------------------------------------------------------------------
YZCRAKESPONIGBDFHJLMQTUVWX
-------------------------------------------------------------------------------------------------

26 letters, so let's put the Alphabet below it:

-------------------------------------------------------------------------------------------------
YZCRAKESPONIGBDFHJLMQTUVWX
ABCDEFGHIJKLMNOPQRSTUVWXYZ
-------------------------------------------------------------------------------------------------

Notice something? :)
Our logic started at the letter C. And you can see here that everything was correct as we found out.
But at the letter V it's getting messed up. According to our logic the letter V belongs to Y.
While it here belongs to X :)
Actually this should be ok, because the Alphabet just will be filled up with the rest of the letters, but the message will be Decrypted wrong because of the words and the logic :)
Anyway, i'll leave it to this i'm now gonna quit with this Tutorial, it's enough already :P

There are also some other bugs like:

Bug 1
Open the program itself and it automatically opens "message.txt".
Then type as Key Phrase " " (Without the quotes).
Now press Crypt or Decrypt and the program crashes.
Possible cause, the program handles the chars incorrectly which doesn't belong to the Alphabet :) (It only happens to the " " as far as i know ;)

Bug 2
Open the program itself and it automatically opens "message.txt".
Then type as Key Phrase "#" (With the quotes, # can be anything except the space).
Now press Crypt and then Decrypt (Or in reverse Decrypt/Crypt) and the program crashes.
Maybe this is the opposite bug of Bug 1 :P

Bug 3
Open the program itself and clear the data window (So there's no text to Encrypt).
Now type any Key Phrase you want and press Crypt or Decrypt and the program crashes :)

Ok, that's all for now, i'm gonna quit with this.

--- COMMENTS

Nice Encryption technique, reminds me of when i was searching for cheats ;))
But the Encryption is very weak (As Basse himself already said in the info.txt file) and as this one contains a bug :(
Anyway, it's still very nice to write about it and i could still go on but i think i would only confuse you more if i haven't already? :)
I hope it still was fun to read and to follow and that you learned something from it, if not then it was fun for me to write hehe ;)

--- GREETS

Basse of course for this nice Encryption program :)
And uhm... "Everyone i know and everyone who knows me !!!"

Don't trust the Outside, Trust the InSiDe !!!

Cya...

CoDe_InSiDe

Homepage: http://members.home.nl/code.inside
Unpacking page: http://www.lunarpages.com/codeinside
Email: code.inside@home.nl