This is the write-up for the SpOnGeBlOb Cryptography Challenge from CyHub 2023's Hac-Man CTF event. The organizers made this a creative cryptography challange by using letters to represent a binary 0s and 1s. Knowing byte orderings used to represent multibyte data types in computer memory helps in this challange.

SpOnGeBlOb ​

Description:

who lIvEs In a piNEappLe UNDer The SEA? sPonGeBOb SQuarEPaNTs! AbSOrBeNT aNd yElloW And POroUS is HE... spONgeBOB sQUarepants!

who lIvEs In a piNEappLe UNDer The SEA? sPonGeBOb SQuarEPaNTs! AbSOrBeNT aNd yElloW And POroUS is HE... spONgeBOB sQUarepants!

Solution ​

This challenge was not that hard but at the same time requires a little bit of knowladge about binary and byte orderings.

From the text provided we notice that it only has upper and lower cases so we can try converting lower cases to 0s and uppper cases to 1s.

Our team were full of developers, so the automation of something was not challenging for us, although you can use ChatGPT and ask it to generate a script to do the same.

def convert(sentence):
    binary_string = ''

    for char in sentence:
        if char.islower():
            binary_string += '0'
        elif char.isupper():
            binary_string += '1'
        elif char == ' ':
            binary_string += ''

    return binary_string

result = convert("who lIvEs In a piNEappLe UNDer The SEA? sPonGeBOb SQuarEPaNTs! AbSOrBeNT aNd yElloW And POroUS is HE... spONgeBOB sQUarepants!")
print("Result:", result)

def convert(sentence):
    binary_string = ''

    for char in sentence:
        if char.islower():
            binary_string += '0'
        elif char.isupper():
            binary_string += '1'
        elif char == ' ':
            binary_string += ''

    return binary_string

result = convert("who lIvEs In a piNEappLe UNDer The SEA? sPonGeBOb SQuarEPaNTs! AbSOrBeNT aNd yElloW And POroUS is HE... spONgeBOB sQUarepants!")
print("Result:", result)

Output:

Result: 000010101000011000101110010011101001011011000110110101101011010010001100110011001100110011101100000000

Result: 000010101000011000101110010011101001011011000110110101101011010010001100110011001100110011101100000000

This outputed "bits" count must be a number that is multiple of 8, because each letter in the flag is a byte and each byte is 8 bits, but the output has length of 102. In this case we should either add 0 or 1, or just delete some to make the count multiple of 8.

We really can try both, and after deleting exactly 6 0s to make it 96 the output result looks like this:

000010101000011000101110010011101001011011000110110101101011010010001100110011001100110011101100

000010101000011000101110010011101001011011000110110101101011010010001100110011001100110011101100

And then we pass it to a famous cryptography tool called CyberChef or any other website to convert binary to ASCII characters.

Oh no! It's not the flag, but we never back down never what? NEVER GIVE UP!!

At this point we knew that the flag is right in front of our eyes and we remembered that there are 2 types of binary orders which are Little-Endian and Big-Endian

As stated in the Wikipedia:

Endianness is the order or sequence of bytes of a word of digital data in computer memory or data communication which is identified by describing the impact of the "first" bytes, meaning at the smallest address or sent first.

Little Endian ​

In a little-endian system, the least significant byte (or the little end) is stored at the lowest memory address, and the most significant byte (or the big end) is stored at the highest memory address.

x86 and x86-64 architectures, which are very common, are examples of little-endian systems.

Big Endian ​

In a big-endian system, the most significant byte is stored at the lowest memory address, and the least significant byte is stored at the highest memory address.

Certain network protocols like the Internet Protocol (IP) use big-endian byte ordering.

TL;DR ​

Let's take hexadecimal number 0x12345678 as an example.

Little-endian: In memory: 78 56 34 12

Big-endian: In memory: 12 34 56 78

So, at this point all we have to do is to just need to swap the endianness, thankfully CyberChef has this feature, and we get the flag! 🎉🎉

Patrick-1337

Patrick-1337

Conclusion ​

In conclusion, the SpOnGeBlOb challenge provided a fascinating experience, demanding a mix of binary manipulation skills and an understanding of byte orderings.