[Write-Up] Hack The Box – Bank Heist [crypto]

This is my write-up for the Hack The Box Bank Heist crypto challenge.

Challenge Instructions

You get to the scene of a bank heist and find that you have caught one person. Under further analysis of the person's flip phone you see a message that seems suspicious. Can you figure out what the message to put this guy in jail?

After downloading and opening the challenge file, you find the following message:

444333 99966688 277733 7773323444664 84433 22244474433777, 99966688 277733 666552999. 99966688777 777744277733 666333 84433 443344477778 4447777 44466 99966688777 4466688777733. 84433 5533999 8666 84433 55566622255 4447777 22335556669. 4666 8666 727774447777.

47777888 995559888 4555 47777888 44999988 666555997 : 8555444888477744488866888648833369!!

An unusual cipher is presented, but the “key” to understanding how the message was encoded is that it contains only digits (and punctuation). That is a strong indicator that the message was created using an old text-entry method called Multi-Tap (Ref: https://en.wikipedia.org/wiki/Multi-tap).

To decode this message, the Multi-Tap Decoder Tool (https://github.com/guibacellar/th3ctf) was used, and it produces the following message:

IF YOU ARE READING THE CIPHER, YOU ARE OKAY. YOUR SHARE OF THE HEIST IS IN YOUR HOUSE. THE KEY TO THE LOCK IS BELOW. GO TO PARIS.

GSV XLWV GL GSV HZU OLXP : TLIVGRIVNVMGUFMW!!

OK, the first part of the message looks fine, but the second one…

After trying many, literally many, cipher algorithms, I figured out that the “Atbash” cipher was used (Ref: https://en.wikipedia.org/wiki/Atbash), which basically reverses the alphabet (A becomes Z, B becomes Y, and so on) 😉

So, applying “Atbash” to the second part of the message, we get:

THE CODE TO THE SAF LOCK : GORETIREMENTFUND!!

TIP
Apply Atbash decode using CyberChef > https://gchq.github.io/CyberChef/#recipe=Atbash_Cipher()&input=R3MzIDB5aHZpZXpnbGkgZHpoIFN2aXYgOyk
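
The two decoding steps used in this write-up, Multi-Tap followed by Atbash, as an added Python example (not the th3ctf tool's code and not part of the original challenge). The function names are illustrative, and the greedy split of over-long digit runs is an assumption, since Multi-Tap written without pauses is ambiguous when two consecutive letters share a key.

```python
import re
import string

# Standard phone keypad letters per digit key.
KEYPAD = {"2": "ABC", "3": "DEF", "4": "GHI", "5": "JKL",
          "6": "MNO", "7": "PQRS", "8": "TUV", "9": "WXYZ"}

# Atbash maps each letter to its mirror in the alphabet (A<->Z, B<->Y, ...).
ATBASH = str.maketrans(
    string.ascii_uppercase + string.ascii_lowercase,
    string.ascii_uppercase[::-1] + string.ascii_lowercase[::-1])

def _decode_run(match):
    """Turn one run of a repeated digit into the letter(s) it encodes."""
    run = match.group(0)
    letters = KEYPAD[run[0]]
    out = []
    # Assumption: a run longer than the key's letter count is several
    # letters on the same key typed without a pause; split it greedily.
    while run:
        chunk, run = run[:len(letters)], run[len(letters):]
        out.append(letters[len(chunk) - 1])
    return "".join(out)

def multitap_decode(text):
    """Decode runs of the digits 2-9; spaces and punctuation pass through."""
    return re.sub(r"([2-9])\1*", _decode_run, text)

def atbash(text):
    """Atbash is its own inverse, so this both encodes and decodes."""
    return text.translate(ATBASH)

# Second line of the challenge message, copied from the write-up above.
SECOND_LINE = ("47777888 995559888 4555 47777888 44999988 666555997 : "
               "8555444888477744488866888648833369!!")

if __name__ == "__main__":
    stage1 = multitap_decode(SECOND_LINE)
    print(stage1)
    print(atbash(stage1))
```

The decoder relies on the challenge text only changing digit when the letter changes; a message with two same-key letters in a row would need the sender's pauses to decode unambiguously.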

Then, finally, we have our flag 😉
