Given a php file as coder and an encoded file, Find the flag.


In encypher code the $key is initially [0, 0]. After reading Huge Key file and the nested fors, the key will become (using python notation):

# hk = huge key

key[0] = hk[-2] ** hk[-4] ** ... ** hk[0] ** key[0]
key[1] = hk[-1] ** hk[-3] ** ... ** hk[1] ** key[1]

Well, looks like neither key nor hk are not recoverable. But to decode the input we don’t need the huge key, only key is enough.
With running this piece of php code we can find out the size of initialization vector:

It will output 16, since the output file is prepended with iv this is very helpful in decoding.

Key has 256 * 256 possible values which can be found in a moderately good time with brute-forcing.


Note that if you have php binaries installed on your OS, you don't need a webserver to run this code. simply call it from terminal.

$ php decode.php