[CRYPTO] Walzer

Ffs this one was absolute bs. Such a useless challenge.

This challenge is barely related to a Waltz, only 100% guessing and slamming ciphers together. The hints also weren’t that great… it only threw me off thinking about the beats in a Waltz (which is somewhat related) and the “step side close” for hours (which is useless). I even started drawing diagrams trying to find some square pattern following the footsteps of a Waltz.

This is definitely the worst CTF challenge I have ever seen. I am not sure what the person who approved this challenge was thinking… if that person was thinking at all at that moment.

As @sampriti said, please rate this a piece of cake and give it a thumbs down. It is a complete waste of time. Sorry @0xEA31 , I really enjoyed the CTF and Lightweight box (and learned a lot from them!), but this challenge really disappointed me.

I finally managed to solve this problem. As far as the second step I even guessed myself, using bruteforce so the whole thing is so fucked up that I don’t know what to say more about it.

Thefirst step is obvious, the next is guessing, the third step is backwardbecause the default “non-cypher” has a different shift. And that whole stuff do few times.

As @sampriti said I can choose random thing to hide with many ciphers and make a challenge. At the end i will public a hint like “you know there’s a cipher”.

Finally when i got it i saw that even flag is disabled -.-
Solving this task is like dancing a waltz to a dubstep.

At least I learned that also Cyberchef has problems to solve this challenge :wink: If you are facing the same problem (output/download makes absolutely no sense) after you created your recipe manually, just copy/paste the whole cyberchef address in a new browser tab. This should solve it.

I did smt and I got a cipher but IDK how to crack it, anyone help ?

I agree with @sampriti and @will135 100%. If HTB actually solved this based on the clue “Walzer Style” without seeing the solution , rated it 40pts and published it, then they need their heads checked. There’s no way I would have published this puzzle with that clue. Even if I saw the solution without trying to work it out first I wouldn’t have green lit this. This is just throwing crap at the wall to see what sticks. There’s no fun or reward for that.

They need better vetting. At least try to solve these before rating and publishing. As said before this challenge was nothing but trying to guess what is in the author’s head.

Even the flag format was not normal. :smiley:

@IhsanSencan said:

Even the flag format was not normal. :smiley:

Yeah, it shows the the author didn’t really have a good plan, they just chose some algos and parameters and ran with it.

Anyway I got it, maybe its worst ever crypto challenge in htb.

If need help ? you can send pm.

Yeah, I don’t know man, but I share the same opinion as my friends @R4J @sampriti @xct . How this challenge got accepted is beyond me and I’m really pissed off at whoever tested this challenge. We shouldn’t be mad at the creator, he tried to teach us something. He made a mistake and owned it. But who the fuck tested this crap and thought like “oh yea, this is fucking good, lets smash 40pts on top of it”. Well guess what. It’s fucking easy if it’s fucking solved with a guide. To all the testers, please at least try the challenges without guide. You guys aren’t perfect, we know that. But don’t fuck us over like this.

PS: I have a cool crypto challenge for you guys. Guess the number from 1-1337. Send me a DM with your guess. First blood receives a star sticker that says “master at guessing”.

UPDATE: I’m getting a lot of messages of people asking for hints. Here you go: The number is between 1 and 1337.

UPDATE 2: I’m getting a lot of messages whether 1 and 1337 are included. No, they are not.

UPDATE 3: Here’s a hint. Reverse the following piece of code and you will get the flag.

import random
print("HTB{%i}" % random.randint(2, 1337))
while challenge.submitted:
    htb.release(challenge)

You may be right, you may be wrong. But you should really support your opinions more politely. That’s being said, I leave you all alone.

Spoiler Removed

Sorry, I guess :frowning:

Spoiler Removed

My bad. Never thought this could be tagged as spoiler.

What threw me off is that in Waltz you do a certain pattern and then repeat it kind of “backwards”, but that never happens here. You’re just doing the “equivalent” to the forward movement a few times. I honestly don’t think it’s a bad challenge, but there could have been more information provided on the steps involved, since at least one of them is found literally through guessing and/or bruteforce.

Spoiler Removed

Lol it was not a spoiler. It was other text encoded the same way.

THIS JUST WAS THE WOREST CHALLANGE EVER WITH THE WOREST FLAG FORMAT I SEEN

Type your comment> @sampriti said:

Maybe I will create a challenge that requires you to guess the number I thought of in my head between 1 and 1000 and call it information asymmetry. For fucks sake.

ITS 42 ISN’T IT - YOU KNOW I’M RIGHT - GIVE ME THE FLAG NAO

Snake did nothing wrong

is waltz related to music,dance or just completely random

@0xEA31 said:
As you may have noticed in the video, basic Walzer is a repeated sequence of three steps. The teacher calls them “step”, “side”, “close”.

Since easy cryptography is involved, you should map these steps with some kind of basic cypher algorithms.

Looking at the starting position, an educated eye should catch the first “step” immediately. What about the others? You choose, but choose wisely because, after three steps, you have to be in a different place, but in the same position.

And remember: you’re dancing, come on don’t be shy, let the music flow and continue. After all, the teacher says: “we can keep that going until the end of the song”. And we do know when the music stops, don’t we?

WaltzBeat