03 Cryptography Demo

Topic Progress:

When we were examining the metadata of the files, we noticed that some of them appeared to have letters and numbers in a comment section, but no readable text. Two questions:

  1. Is the number-text a form of encrypted text?
  2. What does the number-text mean?

Let’s look closer: fileA and fileB had number-text in the description metadata field.

Cryptography Demo Step 1

From our table of conversions from ASCII to other bases, it seems like this could be decimal-encoded ASCII.

Creating a Decimal-to-ASCII Converter

We want to create a simple Python script that will take in the decimal-encoded text and convert it to readable ASCII text. You can do this on your own, but we’ll step through creating the converter. For this demo, we’ll assume you have a basic understanding of Python or programming.

Since the decimal-encoded text is quite long, it would probably be easier to put it a text file and input that file name.

Ex. In command line: python dec-ascii_convert.py decin.txt

Cryptography Demo Step 3

Filename as argument in command line:

Need sys module to read arguments [Ln 1] The filename should be the first argument [Ln 3]

Read data from file:

Decimal-encoded text will be read as string from given filename [Ln 5]

Cryptography Demo Step 4

Read each individual number:

Notice numbers are separated by spaces.

Create list of numbers by splitting string on spaces [Ln 6]

Cryptography Demo Step 5

Convert list of decimal strings to characters:

Start with empty string to add characters to [Ln 8] Iterate through all decimal strings in list [Ln 10] Convert each decimal string to its integer (“99” -> 99) [Ln 11] Convert to its character (99 -> c) [Ln 11] Add to end of string [Ln 11]

Cryptography Demo Step 6

Decode the metadata:

The decoded text certainly doesn’t look anything like readable. But it does look a lot like base 64 encoded text. Maybe there’s another level of encoding.

Cryptography Demo Step 7

Creating a Base 64 to ASCII Converter

Next, we’ll create a converter in Python from base 64-encoded text to ASCII text. Again, you can follow along or create your own. Since the data is rather long, it would probably be a good idea to input it via a file and take the filename as an argument.

Cryptography Demo Step 8

Filename as argument in command line:

Need sys module to read arguments [Ln 1] The filename should be the first argument [Ln 4]

Read data from file:

Base 64-encoded text will be read as string from given filename [Ln 6]

Cryptography Demo Step 9

Convert the base 64-encoded text to ASCII:

We need to import the base 64 module [Ln 1]

We can then decode the string with the base64.decode function.

Cryptography Demo Step 10

Decode the metadata … again.

Again, the decoded text doesn’t look readable. But this time it looks like it could be hexadecimal-encoded text. Maybe the third time’s the charm.

Cryptography Demo Step 11

Creating a Hexadecimal-to-ASCII Converter

This time, we’ll need to make a converter from hexadecimal-encoded text to ASCII text. As before, let’s step through the code needed to create a Python script to do this. We’ll input the data from a file since it seems long.

Cryptography Demo Step 12

Filename as argument in command line:

Need sys module to read arguments [Ln 1] The filename should be the first argument [Ln 3]

Read data from file:

Hexadecimal-encoded text will be read as string from given filename [Ln 5]

Cryptography Demo Step 13

Format the string to be a single hexadecimal string:

Remove spaces and the newline character at the end of the string [Ln 6]

Cryptography Demo Step 14

Decode the hexadecimal string:

Use the .decode(“hex”) function [Ln 8]

Cryptography Demo Step 15

Aha! Actual text we can read! It appears that there are two people involved, Dealer201 and GirlInWhite, and that they’re involved in “borrowing” (probably stealing) something. The fact that this message was encoded three times and hidden in the metadata makes their activities seem just a little bit suspicious.

Cryptography Demo Step 16