bad crypto challenge

markcunningham

I posted this around to a few people and I figured i'd stick it up here.

I've written a some very badly implemented crypto in php. I've included a readme, encryption and decryption script and a file that was encrypted using the script.

I've had mixed reactions to it, some get it pretty much instantly, others are really stumped.

I'll tell you this, you don't need to be an expert in crypto to get it.

Boards.ie it seems doesn't like tar.gz so i've plonked it ongithub. Here's a link

https://raw.github.com/markcunninghamgit/bad-crypto-challenge/master/crypto-challenge.tar.gz

Let me know what you think


= Cracked by =
1: Monkeyboy

Razzen

Nice challenge, enjoyed it.

My php was very rusty but still managed to crawl through it.

markcunningham

Quick clarification. The point is to find and break the -vulnerability- Breaking the file by pure luck doesn't count.

So whatever method you use to crack it, it must work for any encrypted file created with this. Also apparently I can't edit my first post any more so I threw it up here with a list of people who cracked it. http://markcunninghamblog.blogspot.ie/2012/12/bad-crypto-challenge.html
Congrats to everyone who has so far.

h57xiucj2z946q

This one was really good fun, cheers.