sekur julius
3 minutos de lectura
Se nos proporciona el código fuente en Python para cifrar la flag:
from random import choices
import os
def julius_encrypt(msg, shift):
ct = ''
for p in msg:
if p == ' ':
ct += '0'
elif not ord('A') <= ord(p) <= ord('Z'):
ct += p
else:
o = ord(p) - 65
ct += chr(65 + (o + shift) % 26)
return ct
def encrypt(msg, key):
for shift in key:
msg = julius_encrypt(msg, shift)
return msg
msg = open('secret.txt').read().upper()
secure_key = os.urandom(1337)
with open('output.txt', 'w') as f:
f.write(encrypt(msg, secure_key))
Y esta es la salida del script:
JRYPBZR0GB0UNPXGUROBB0GJBGUBHFNAQGJRAGLSBHE!0GUVF0VF0N0CEBBS0BS0PBAPRCG0GB0CEBIR0LBH0GUNG0GUR0PNRFNE0PVCURE0VF0VAFRPHER0AB0ZNGGRE0UBJ0ZNAL0GVZRF0LBH0NCCYL0VG.0GUR0FRPHEVGL0BS0N0GUBHFNAQ0QVFGVAPG0FUVSGF0VF0RIRAGHNYYL0GUR0FNZR0NF0GUNG0BS0N0FVATYR0FUVSG.0RABHTU0ZHZOYVAT,0GNXR0LBHE0SYNT0NAQ0RAWBL0GUR0ERFG0BS0GUR0PBAGRFG.0ZNXR0FHER0LBH0JENC0GUR0SBYYBJVAT0GRKG0JVGU0GUR0UGO0SYNT0SBEZNG0GURRSSRPGVIRXRLFCNPRBSPNRFNEQRCRAQFBAGURFVMRBSGURNYCUNORG.
Análisis del código fuente
Un vistazo rápido a julius_encrypt nos dice que está usando un cifrado César (el nombre del reto es una especie de pista):
def julius_encrypt(msg, shift):
ct = ''
for p in msg:
if p == ' ':
ct += '0'
elif not ord('A') <= ord(p) <= ord('Z'):
ct += p
else:
o = ord(p) - 65
ct += chr(65 + (o + shift) % 26)
return ct
Esto significa que el cifrado es un simple cifrado de sustitución donde cada letra de texto claro se desplaza un numero fijo de veces para obtener la letra de texto cifrado:
$ python3 -q
>>> def julius_encrypt(msg, shift):
... ct = ''
... for p in msg:
... if p == ' ':
... ct += '0'
... elif not ord('A') <= ord(p) <= ord('Z'):
... ct += p
... else:
... o = ord(p) - 65
... ct += chr(65 + (o + shift) % 26)
... return ct
...
>>> julius_encrypt('ASDF', 3)
'DVGI'
Sin embargo, hay una función encrypt que envuelve el uso de julius_encrypt:
def encrypt(msg, key):
for shift in key:
msg = julius_encrypt(msg, shift)
return msg
Implementa un cifrado César iterado… ¿Es esto más seguro?
Solución
Bueno, dado que el cifrado César es solo un desplazamiento, sucede que un desplazamiento de 26 deja el texto claro intacto:
>>> julius_encrypt('ASDF', 26)
'ASDF'
Como resultado, no importa cuántas veces apliquemos julius_encrypt, porque el desplazamiento se puede asignar a un valor que entre 0 y 25.
Por lo tanto, simplemente podemos aplicar fuerza bruta al desplazamiento y encontrar el texto claro correcto:
>>> ciphertext = 'JRYPBZR0GB0UNPXGUROBB0GJBGUBHFNAQGJRAGLSBHE!0GUVF0VF0N0CEBBS0BS0PBAPRCG0GB0CEBIR0LBH0GUNG0GUR0PNRFNE0PVCURE0VF0VAFRPHER0AB0ZNGGRE0UBJ0ZNAL0GVZRF0LBH0NCCYL0VG.0GUR0FRPHEVGL0BS0N0GUBHFNAQ0QVFGVAPG0\
FUVSGF0VF0RIRAGHNYYL0GUR0FNZR0NF0GUNG0BS0N0FVATYR0FUVSG.0RABHTU0ZHZOYVAT,0GNXR0LBHE0SYNT0NAQ0RAWBL0GUR0ERFG0BS0GUR0PBAGRFG.0ZNXR0FHER0LBH0JENC0GUR0SBYYBJVAT0GRKG0JVGU0GUR0UGO0SYNT0SBEZNG0GURRSSRPGVIRXRLFCNPRBSPNRF\
NEQRCRAQFBAGURFVMRBSGURNYCUNORG.'
>>>
>>> for shift in range(26):
... print(shift, julius_encrypt(ciphertext, shift))
...
0 JRYPBZR0GB0UNPXGUROBB0GJBGUBHFNAQGJRAGLSBHE!0GUVF0VF0N0CEBBS0BS0PBAPRCG0GB0CEBIR0LBH0GUNG0GUR0PNRFNE0PVCURE0VF0VAFRPHER0AB0ZNGGRE0UBJ0ZNAL0GVZRF0LBH0NCCYL0VG.0GUR0FRPHEVGL0BS0N0GUBHFNAQ0QVFGVAPG0FUVSGF0VF0RIRAGHNYYL0GUR0FNZR0NF0GUNG0BS0N0FVATYR0FUVSG.0RABHTU0ZHZOYVAT,0GNXR0LBHE0SYNT0NAQ0RAWBL0GUR0ERFG0BS0GUR0PBAGRFG.0ZNXR0FHER0LBH0JENC0GUR0SBYYBJVAT0GRKG0JVGU0GUR0UGO0SYNT0SBEZNG0GURRSSRPGVIRXRLFCNPRBSPNRFNEQRCRAQFBAGURFVMRBSGURNYCUNORG.
1 KSZQCAS0HC0VOQYHVSPCC0HKCHVCIGOBRHKSBHMTCIF!0HVWG0WG0O0DFCCT0CT0QCBQSDH0HC0DFCJS0MCI0HVOH0HVS0QOSGOF0QWDVSF0WG0WBGSQIFS0BC0AOHHSF0VCK0AOBM0HWASG0MCI0ODDZM0WH.0HVS0GSQIFWHM0CT0O0HVCIGOBR0RWGHWBQH0GVWTHG0WG0SJSBHIOZZM0HVS0GOAS0OG0HVOH0CT0O0GWBUZS0GVWTH.0SBCIUV0AIAPZWBU,0HOYS0MCIF0TZOU0OBR0SBXCM0HVS0FSGH0CT0HVS0QCBHSGH.0AOYS0GIFS0MCI0KFOD0HVS0TCZZCKWBU0HSLH0KWHV0HVS0VHP0TZOU0TCFAOH0HVSSTTSQHWJSYSMGDOQSCTQOSGOFRSDSBRGCBHVSGWNSCTHVSOZDVOPSH.
2 LTARDBT0ID0WPRZIWTQDD0ILDIWDJHPCSILTCINUDJG!0IWXH0XH0P0EGDDU0DU0RDCRTEI0ID0EGDKT0NDJ0IWPI0IWT0RPTHPG0RXEWTG0XH0XCHTRJGT0CD0BPIITG0WDL0BPCN0IXBTH0NDJ0PEEAN0XI.0IWT0HTRJGXIN0DU0P0IWDJHPCS0SXHIXCRI0HWXUIH0XH0TKTCIJPAAN0IWT0HPBT0PH0IWPI0DU0P0HXCVAT0HWXUI.0TCDJVW0BJBQAXCV,0IPZT0NDJG0UAPV0PCS0TCYDN0IWT0GTHI0DU0IWT0RDCITHI.0BPZT0HJGT0NDJ0LGPE0IWT0UDAADLXCV0ITMI0LXIW0IWT0WIQ0UAPV0UDGBPI0IWTTUUTRIXKTZTNHEPRTDURPTHPGSTETCSHDCIWTHXOTDUIWTPAEWPQTI.
3 MUBSECU0JE0XQSAJXUREE0JMEJXEKIQDTJMUDJOVEKH!0JXYI0YI0Q0FHEEV0EV0SEDSUFJ0JE0FHELU0OEK0JXQJ0JXU0SQUIQH0SYFXUH0YI0YDIUSKHU0DE0CQJJUH0XEM0CQDO0JYCUI0OEK0QFFBO0YJ.0JXU0IUSKHYJO0EV0Q0JXEKIQDT0TYIJYDSJ0IXYVJI0YI0ULUDJKQBBO0JXU0IQCU0QI0JXQJ0EV0Q0IYDWBU0IXYVJ.0UDEKWX0CKCRBYDW,0JQAU0OEKH0VBQW0QDT0UDZEO0JXU0HUIJ0EV0JXU0SEDJUIJ.0CQAU0IKHU0OEK0MHQF0JXU0VEBBEMYDW0JUNJ0MYJX0JXU0XJR0VBQW0VEHCQJ0JXUUVVUSJYLUAUOIFQSUEVSQUIQHTUFUDTIEDJXUIYPUEVJXUQBFXQRUJ.
4 NVCTFDV0KF0YRTBKYVSFF0KNFKYFLJREUKNVEKPWFLI!0KYZJ0ZJ0R0GIFFW0FW0TFETVGK0KF0GIFMV0PFL0KYRK0KYV0TRVJRI0TZGYVI0ZJ0ZEJVTLIV0EF0DRKKVI0YFN0DREP0KZDVJ0PFL0RGGCP0ZK.0KYV0JVTLIZKP0FW0R0KYFLJREU0UZJKZETK0JYZWKJ0ZJ0VMVEKLRCCP0KYV0JRDV0RJ0KYRK0FW0R0JZEXCV0JYZWK.0VEFLXY0DLDSCZEX,0KRBV0PFLI0WCRX0REU0VEAFP0KYV0IVJK0FW0KYV0TFEKVJK.0DRBV0JLIV0PFL0NIRG0KYV0WFCCFNZEX0KVOK0NZKY0KYV0YKS0WCRX0WFIDRK0KYVVWWVTKZMVBVPJGRTVFWTRVJRIUVGVEUJFEKYVJZQVFWKYVRCGYRSVK.
5 OWDUGEW0LG0ZSUCLZWTGG0LOGLZGMKSFVLOWFLQXGMJ!0LZAK0AK0S0HJGGX0GX0UGFUWHL0LG0HJGNW0QGM0LZSL0LZW0USWKSJ0UAHZWJ0AK0AFKWUMJW0FG0ESLLWJ0ZGO0ESFQ0LAEWK0QGM0SHHDQ0AL.0LZW0KWUMJALQ0GX0S0LZGMKSFV0VAKLAFUL0KZAXLK0AK0WNWFLMSDDQ0LZW0KSEW0SK0LZSL0GX0S0KAFYDW0KZAXL.0WFGMYZ0EMETDAFY,0LSCW0QGMJ0XDSY0SFV0WFBGQ0LZW0JWKL0GX0LZW0UGFLWKL.0ESCW0KMJW0QGM0OJSH0LZW0XGDDGOAFY0LWPL0OALZ0LZW0ZLT0XDSY0XGJESL0LZWWXXWULANWCWQKHSUWGXUSWKSJVWHWFVKGFLZWKARWGXLZWSDHZSTWL.
6 PXEVHFX0MH0ATVDMAXUHH0MPHMAHNLTGWMPXGMRYHNK!0MABL0BL0T0IKHHY0HY0VHGVXIM0MH0IKHOX0RHN0MATM0MAX0VTXLTK0VBIAXK0BL0BGLXVNKX0GH0FTMMXK0AHP0FTGR0MBFXL0RHN0TIIER0BM.0MAX0LXVNKBMR0HY0T0MAHNLTGW0WBLMBGVM0LABYML0BL0XOXGMNTEER0MAX0LTFX0TL0MATM0HY0T0LBGZEX0LABYM.0XGHNZA0FNFUEBGZ,0MTDX0RHNK0YETZ0TGW0XGCHR0MAX0KXLM0HY0MAX0VHGMXLM.0FTDX0LNKX0RHN0PKTI0MAX0YHEEHPBGZ0MXQM0PBMA0MAX0AMU0YETZ0YHKFTM0MAXXYYXVMBOXDXRLITVXHYVTXLTKWXIXGWLHGMAXLBSXHYMAXTEIATUXM.
7 QYFWIGY0NI0BUWENBYVII0NQINBIOMUHXNQYHNSZIOL!0NBCM0CM0U0JLIIZ0IZ0WIHWYJN0NI0JLIPY0SIO0NBUN0NBY0WUYMUL0WCJBYL0CM0CHMYWOLY0HI0GUNNYL0BIQ0GUHS0NCGYM0SIO0UJJFS0CN.0NBY0MYWOLCNS0IZ0U0NBIOMUHX0XCMNCHWN0MBCZNM0CM0YPYHNOUFFS0NBY0MUGY0UM0NBUN0IZ0U0MCHAFY0MBCZN.0YHIOAB0GOGVFCHA,0NUEY0SIOL0ZFUA0UHX0YHDIS0NBY0LYMN0IZ0NBY0WIHNYMN.0GUEY0MOLY0SIO0QLUJ0NBY0ZIFFIQCHA0NYRN0QCNB0NBY0BNV0ZFUA0ZILGUN0NBYYZZYWNCPYEYSMJUWYIZWUYMULXYJYHXMIHNBYMCTYIZNBYUFJBUVYN.
8 RZGXJHZ0OJ0CVXFOCZWJJ0ORJOCJPNVIYORZIOTAJPM!0OCDN0DN0V0KMJJA0JA0XJIXZKO0OJ0KMJQZ0TJP0OCVO0OCZ0XVZNVM0XDKCZM0DN0DINZXPMZ0IJ0HVOOZM0CJR0HVIT0ODHZN0TJP0VKKGT0DO.0OCZ0NZXPMDOT0JA0V0OCJPNVIY0YDNODIXO0NCDAON0DN0ZQZIOPVGGT0OCZ0NVHZ0VN0OCVO0JA0V0NDIBGZ0NCDAO.0ZIJPBC0HPHWGDIB,0OVFZ0TJPM0AGVB0VIY0ZIEJT0OCZ0MZNO0JA0OCZ0XJIOZNO.0HVFZ0NPMZ0TJP0RMVK0OCZ0AJGGJRDIB0OZSO0RDOC0OCZ0COW0AGVB0AJMHVO0OCZZAAZXODQZFZTNKVXZJAXVZNVMYZKZIYNJIOCZNDUZJAOCZVGKCVWZO.
9 SAHYKIA0PK0DWYGPDAXKK0PSKPDKQOWJZPSAJPUBKQN!0PDEO0EO0W0LNKKB0KB0YKJYALP0PK0LNKRA0UKQ0PDWP0PDA0YWAOWN0YELDAN0EO0EJOAYQNA0JK0IWPPAN0DKS0IWJU0PEIAO0UKQ0WLLHU0EP.0PDA0OAYQNEPU0KB0W0PDKQOWJZ0ZEOPEJYP0ODEBPO0EO0ARAJPQWHHU0PDA0OWIA0WO0PDWP0KB0W0OEJCHA0ODEBP.0AJKQCD0IQIXHEJC,0PWGA0UKQN0BHWC0WJZ0AJFKU0PDA0NAOP0KB0PDA0YKJPAOP.0IWGA0OQNA0UKQ0SNWL0PDA0BKHHKSEJC0PATP0SEPD0PDA0DPX0BHWC0BKNIWP0PDAABBAYPERAGAUOLWYAKBYWAOWNZALAJZOKJPDAOEVAKBPDAWHLDWXAP.
10 TBIZLJB0QL0EXZHQEBYLL0QTLQELRPXKAQTBKQVCLRO!0QEFP0FP0X0MOLLC0LC0ZLKZBMQ0QL0MOLSB0VLR0QEXQ0QEB0ZXBPXO0ZFMEBO0FP0FKPBZROB0KL0JXQQBO0ELT0JXKV0QFJBP0VLR0XMMIV0FQ.0QEB0PBZROFQV0LC0X0QELRPXKA0AFPQFKZQ0PEFCQP0FP0BSBKQRXIIV0QEB0PXJB0XP0QEXQ0LC0X0PFKDIB0PEFCQ.0BKLRDE0JRJYIFKD,0QXHB0VLRO0CIXD0XKA0BKGLV0QEB0OBPQ0LC0QEB0ZLKQBPQ.0JXHB0PROB0VLR0TOXM0QEB0CLIILTFKD0QBUQ0TFQE0QEB0EQY0CIXD0CLOJXQ0QEBBCCBZQFSBHBVPMXZBLCZXBPXOABMBKAPLKQEBPFWBLCQEBXIMEXYBQ.
11 UCJAMKC0RM0FYAIRFCZMM0RUMRFMSQYLBRUCLRWDMSP!0RFGQ0GQ0Y0NPMMD0MD0AMLACNR0RM0NPMTC0WMS0RFYR0RFC0AYCQYP0AGNFCP0GQ0GLQCASPC0LM0KYRRCP0FMU0KYLW0RGKCQ0WMS0YNNJW0GR.0RFC0QCASPGRW0MD0Y0RFMSQYLB0BGQRGLAR0QFGDRQ0GQ0CTCLRSYJJW0RFC0QYKC0YQ0RFYR0MD0Y0QGLEJC0QFGDR.0CLMSEF0KSKZJGLE,0RYIC0WMSP0DJYE0YLB0CLHMW0RFC0PCQR0MD0RFC0AMLRCQR.0KYIC0QSPC0WMS0UPYN0RFC0DMJJMUGLE0RCVR0UGRF0RFC0FRZ0DJYE0DMPKYR0RFCCDDCARGTCICWQNYACMDAYCQYPBCNCLBQMLRFCQGXCMDRFCYJNFYZCR.
12 VDKBNLD0SN0GZBJSGDANN0SVNSGNTRZMCSVDMSXENTQ!0SGHR0HR0Z0OQNNE0NE0BNMBDOS0SN0OQNUD0XNT0SGZS0SGD0BZDRZQ0BHOGDQ0HR0HMRDBTQD0MN0LZSSDQ0GNV0LZMX0SHLDR0XNT0ZOOKX0HS.0SGD0RDBTQHSX0NE0Z0SGNTRZMC0CHRSHMBS0RGHESR0HR0DUDMSTZKKX0SGD0RZLD0ZR0SGZS0NE0Z0RHMFKD0RGHES.0DMNTFG0LTLAKHMF,0SZJD0XNTQ0EKZF0ZMC0DMINX0SGD0QDRS0NE0SGD0BNMSDRS.0LZJD0RTQD0XNT0VQZO0SGD0ENKKNVHMF0SDWS0VHSG0SGD0GSA0EKZF0ENQLZS0SGDDEEDBSHUDJDXROZBDNEBZDRZQCDODMCRNMSGDRHYDNESGDZKOGZADS.
13 WELCOME0TO0HACKTHEBOO0TWOTHOUSANDTWENTYFOUR!0THIS0IS0A0PROOF0OF0CONCEPT0TO0PROVE0YOU0THAT0THE0CAESAR0CIPHER0IS0INSECURE0NO0MATTER0HOW0MANY0TIMES0YOU0APPLY0IT.0THE0SECURITY0OF0A0THOUSAND0DISTINCT0SHIFTS0IS0EVENTUALLY0THE0SAME0AS0THAT0OF0A0SINGLE0SHIFT.0ENOUGH0MUMBLING,0TAKE0YOUR0FLAG0AND0ENJOY0THE0REST0OF0THE0CONTEST.0MAKE0SURE0YOU0WRAP0THE0FOLLOWING0TEXT0WITH0THE0HTB0FLAG0FORMAT0THEEFFECTIVEKEYSPACEOFCAESARDEPENDSONTHESIZEOFTHEALPHABET.
14 XFMDPNF0UP0IBDLUIFCPP0UXPUIPVTBOEUXFOUZGPVS!0UIJT0JT0B0QSPPG0PG0DPODFQU0UP0QSPWF0ZPV0UIBU0UIF0DBFTBS0DJQIFS0JT0JOTFDVSF0OP0NBUUFS0IPX0NBOZ0UJNFT0ZPV0BQQMZ0JU.0UIF0TFDVSJUZ0PG0B0UIPVTBOE0EJTUJODU0TIJGUT0JT0FWFOUVBMMZ0UIF0TBNF0BT0UIBU0PG0B0TJOHMF0TIJGU.0FOPVHI0NVNCMJOH,0UBLF0ZPVS0GMBH0BOE0FOKPZ0UIF0SFTU0PG0UIF0DPOUFTU.0NBLF0TVSF0ZPV0XSBQ0UIF0GPMMPXJOH0UFYU0XJUI0UIF0IUC0GMBH0GPSNBU0UIFFGGFDUJWFLFZTQBDFPGDBFTBSEFQFOETPOUIFTJAFPGUIFBMQIBCFU.
15 YGNEQOG0VQ0JCEMVJGDQQ0VYQVJQWUCPFVYGPVAHQWT!0VJKU0KU0C0RTQQH0QH0EQPEGRV0VQ0RTQXG0AQW0VJCV0VJG0ECGUCT0EKRJGT0KU0KPUGEWTG0PQ0OCVVGT0JQY0OCPA0VKOGU0AQW0CRRNA0KV.0VJG0UGEWTKVA0QH0C0VJQWUCPF0FKUVKPEV0UJKHVU0KU0GXGPVWCNNA0VJG0UCOG0CU0VJCV0QH0C0UKPING0UJKHV.0GPQWIJ0OWODNKPI,0VCMG0AQWT0HNCI0CPF0GPLQA0VJG0TGUV0QH0VJG0EQPVGUV.0OCMG0UWTG0AQW0YTCR0VJG0HQNNQYKPI0VGZV0YKVJ0VJG0JVD0HNCI0HQTOCV0VJGGHHGEVKXGMGAURCEGQHECGUCTFGRGPFUQPVJGUKBGQHVJGCNRJCDGV.
16 ZHOFRPH0WR0KDFNWKHERR0WZRWKRXVDQGWZHQWBIRXU!0WKLV0LV0D0SURRI0RI0FRQFHSW0WR0SURYH0BRX0WKDW0WKH0FDHVDU0FLSKHU0LV0LQVHFXUH0QR0PDWWHU0KRZ0PDQB0WLPHV0BRX0DSSOB0LW.0WKH0VHFXULWB0RI0D0WKRXVDQG0GLVWLQFW0VKLIWV0LV0HYHQWXDOOB0WKH0VDPH0DV0WKDW0RI0D0VLQJOH0VKLIW.0HQRXJK0PXPEOLQJ,0WDNH0BRXU0IODJ0DQG0HQMRB0WKH0UHVW0RI0WKH0FRQWHVW.0PDNH0VXUH0BRX0ZUDS0WKH0IROORZLQJ0WHAW0ZLWK0WKH0KWE0IODJ0IRUPDW0WKHHIIHFWLYHNHBVSDFHRIFDHVDUGHSHQGVRQWKHVLCHRIWKHDOSKDEHW.
17 AIPGSQI0XS0LEGOXLIFSS0XASXLSYWERHXAIRXCJSYV!0XLMW0MW0E0TVSSJ0SJ0GSRGITX0XS0TVSZI0CSY0XLEX0XLI0GEIWEV0GMTLIV0MW0MRWIGYVI0RS0QEXXIV0LSA0QERC0XMQIW0CSY0ETTPC0MX.0XLI0WIGYVMXC0SJ0E0XLSYWERH0HMWXMRGX0WLMJXW0MW0IZIRXYEPPC0XLI0WEQI0EW0XLEX0SJ0E0WMRKPI0WLMJX.0IRSYKL0QYQFPMRK,0XEOI0CSYV0JPEK0ERH0IRNSC0XLI0VIWX0SJ0XLI0GSRXIWX.0QEOI0WYVI0CSY0AVET0XLI0JSPPSAMRK0XIBX0AMXL0XLI0LXF0JPEK0JSVQEX0XLIIJJIGXMZIOICWTEGISJGEIWEVHITIRHWSRXLIWMDISJXLIEPTLEFIX.
18 BJQHTRJ0YT0MFHPYMJGTT0YBTYMTZXFSIYBJSYDKTZW!0YMNX0NX0F0UWTTK0TK0HTSHJUY0YT0UWTAJ0DTZ0YMFY0YMJ0HFJXFW0HNUMJW0NX0NSXJHZWJ0ST0RFYYJW0MTB0RFSD0YNRJX0DTZ0FUUQD0NY.0YMJ0XJHZWNYD0TK0F0YMTZXFSI0INXYNSHY0XMNKYX0NX0JAJSYZFQQD0YMJ0XFRJ0FX0YMFY0TK0F0XNSLQJ0XMNKY.0JSTZLM0RZRGQNSL,0YFPJ0DTZW0KQFL0FSI0JSOTD0YMJ0WJXY0TK0YMJ0HTSYJXY.0RFPJ0XZWJ0DTZ0BWFU0YMJ0KTQQTBNSL0YJCY0BNYM0YMJ0MYG0KQFL0KTWRFY0YMJJKKJHYNAJPJDXUFHJTKHFJXFWIJUJSIXTSYMJXNEJTKYMJFQUMFGJY.
19 CKRIUSK0ZU0NGIQZNKHUU0ZCUZNUAYGTJZCKTZELUAX!0ZNOY0OY0G0VXUUL0UL0IUTIKVZ0ZU0VXUBK0EUA0ZNGZ0ZNK0IGKYGX0IOVNKX0OY0OTYKIAXK0TU0SGZZKX0NUC0SGTE0ZOSKY0EUA0GVVRE0OZ.0ZNK0YKIAXOZE0UL0G0ZNUAYGTJ0JOYZOTIZ0YNOLZY0OY0KBKTZAGRRE0ZNK0YGSK0GY0ZNGZ0UL0G0YOTMRK0YNOLZ.0KTUAMN0SASHROTM,0ZGQK0EUAX0LRGM0GTJ0KTPUE0ZNK0XKYZ0UL0ZNK0IUTZKYZ.0SGQK0YAXK0EUA0CXGV0ZNK0LURRUCOTM0ZKDZ0COZN0ZNK0NZH0LRGM0LUXSGZ0ZNKKLLKIZOBKQKEYVGIKULIGKYGXJKVKTJYUTZNKYOFKULZNKGRVNGHKZ.
20 DLSJVTL0AV0OHJRAOLIVV0ADVAOVBZHUKADLUAFMVBY!0AOPZ0PZ0H0WYVVM0VM0JVUJLWA0AV0WYVCL0FVB0AOHA0AOL0JHLZHY0JPWOLY0PZ0PUZLJBYL0UV0THAALY0OVD0THUF0APTLZ0FVB0HWWSF0PA.0AOL0ZLJBYPAF0VM0H0AOVBZHUK0KPZAPUJA0ZOPMAZ0PZ0LCLUABHSSF0AOL0ZHTL0HZ0AOHA0VM0H0ZPUNSL0ZOPMA.0LUVBNO0TBTISPUN,0AHRL0FVBY0MSHN0HUK0LUQVF0AOL0YLZA0VM0AOL0JVUALZA.0THRL0ZBYL0FVB0DYHW0AOL0MVSSVDPUN0ALEA0DPAO0AOL0OAI0MSHN0MVYTHA0AOLLMMLJAPCLRLFZWHJLVMJHLZHYKLWLUKZVUAOLZPGLVMAOLHSWOHILA.
21 EMTKWUM0BW0PIKSBPMJWW0BEWBPWCAIVLBEMVBGNWCZ!0BPQA0QA0I0XZWWN0WN0KWVKMXB0BW0XZWDM0GWC0BPIB0BPM0KIMAIZ0KQXPMZ0QA0QVAMKCZM0VW0UIBBMZ0PWE0UIVG0BQUMA0GWC0IXXTG0QB.0BPM0AMKCZQBG0WN0I0BPWCAIVL0LQABQVKB0APQNBA0QA0MDMVBCITTG0BPM0AIUM0IA0BPIB0WN0I0AQVOTM0APQNB.0MVWCOP0UCUJTQVO,0BISM0GWCZ0NTIO0IVL0MVRWG0BPM0ZMAB0WN0BPM0KWVBMAB.0UISM0ACZM0GWC0EZIX0BPM0NWTTWEQVO0BMFB0EQBP0BPM0PBJ0NTIO0NWZUIB0BPMMNNMKBQDMSMGAXIKMWNKIMAIZLMXMVLAWVBPMAQHMWNBPMITXPIJMB.
22 FNULXVN0CX0QJLTCQNKXX0CFXCQXDBJWMCFNWCHOXDA!0CQRB0RB0J0YAXXO0XO0LXWLNYC0CX0YAXEN0HXD0CQJC0CQN0LJNBJA0LRYQNA0RB0RWBNLDAN0WX0VJCCNA0QXF0VJWH0CRVNB0HXD0JYYUH0RC.0CQN0BNLDARCH0XO0J0CQXDBJWM0MRBCRWLC0BQROCB0RB0NENWCDJUUH0CQN0BJVN0JB0CQJC0XO0J0BRWPUN0BQROC.0NWXDPQ0VDVKURWP,0CJTN0HXDA0OUJP0JWM0NWSXH0CQN0ANBC0XO0CQN0LXWCNBC.0VJTN0BDAN0HXD0FAJY0CQN0OXUUXFRWP0CNGC0FRCQ0CQN0QCK0OUJP0OXAVJC0CQNNOONLCRENTNHBYJLNXOLJNBJAMNYNWMBXWCQNBRINXOCQNJUYQJKNC.
23 GOVMYWO0DY0RKMUDROLYY0DGYDRYECKXNDGOXDIPYEB!0DRSC0SC0K0ZBYYP0YP0MYXMOZD0DY0ZBYFO0IYE0DRKD0DRO0MKOCKB0MSZROB0SC0SXCOMEBO0XY0WKDDOB0RYG0WKXI0DSWOC0IYE0KZZVI0SD.0DRO0COMEBSDI0YP0K0DRYECKXN0NSCDSXMD0CRSPDC0SC0OFOXDEKVVI0DRO0CKWO0KC0DRKD0YP0K0CSXQVO0CRSPD.0OXYEQR0WEWLVSXQ,0DKUO0IYEB0PVKQ0KXN0OXTYI0DRO0BOCD0YP0DRO0MYXDOCD.0WKUO0CEBO0IYE0GBKZ0DRO0PYVVYGSXQ0DOHD0GSDR0DRO0RDL0PVKQ0PYBWKD0DROOPPOMDSFOUOICZKMOYPMKOCKBNOZOXNCYXDROCSJOYPDROKVZRKLOD.
24 HPWNZXP0EZ0SLNVESPMZZ0EHZESZFDLYOEHPYEJQZFC!0ESTD0TD0L0ACZZQ0ZQ0NZYNPAE0EZ0ACZGP0JZF0ESLE0ESP0NLPDLC0NTASPC0TD0TYDPNFCP0YZ0XLEEPC0SZH0XLYJ0ETXPD0JZF0LAAWJ0TE.0ESP0DPNFCTEJ0ZQ0L0ESZFDLYO0OTDETYNE0DSTQED0TD0PGPYEFLWWJ0ESP0DLXP0LD0ESLE0ZQ0L0DTYRWP0DSTQE.0PYZFRS0XFXMWTYR,0ELVP0JZFC0QWLR0LYO0PYUZJ0ESP0CPDE0ZQ0ESP0NZYEPDE.0XLVP0DFCP0JZF0HCLA0ESP0QZWWZHTYR0EPIE0HTES0ESP0SEM0QWLR0QZCXLE0ESPPQQPNETGPVPJDALNPZQNLPDLCOPAPYODZYESPDTKPZQESPLWASLMPE.
25 IQXOAYQ0FA0TMOWFTQNAA0FIAFTAGEMZPFIQZFKRAGD!0FTUE0UE0M0BDAAR0AR0OAZOQBF0FA0BDAHQ0KAG0FTMF0FTQ0OMQEMD0OUBTQD0UE0UZEQOGDQ0ZA0YMFFQD0TAI0YMZK0FUYQE0KAG0MBBXK0UF.0FTQ0EQOGDUFK0AR0M0FTAGEMZP0PUEFUZOF0ETURFE0UE0QHQZFGMXXK0FTQ0EMYQ0ME0FTMF0AR0M0EUZSXQ0ETURF.0QZAGST0YGYNXUZS,0FMWQ0KAGD0RXMS0MZP0QZVAK0FTQ0DQEF0AR0FTQ0OAZFQEF.0YMWQ0EGDQ0KAG0IDMB0FTQ0RAXXAIUZS0FQJF0IUFT0FTQ0TFN0RXMS0RADYMF0FTQQRRQOFUHQWQKEBMOQAROMQEMDPQBQZPEAZFTQEULQARFTQMXBTMNQF.
Parece que 13 es el desplazamiento correcto. Podemos reemplazar los 0s por espacios para mejorar la legibilidad:
>>> print(julius_encrypt(ciphertext, 13).replace('0', ' '))
WELCOME TO HACKTHEBOO TWOTHOUSANDTWENTYFOUR! THIS IS A PROOF OF CONCEPT TO PROVE YOU THAT THE CAESAR CIPHER IS INSECURE NO MATTER HOW MANY TIMES YOU APPLY IT. THE SECURITY OF A THOUSAND DISTINCT SHIFTS IS EVENTUALLY THE SAME AS THAT OF A SINGLE SHIFT. ENOUGH MUMBLING, TAKE YOUR FLAG AND ENJOY THE REST OF THE CONTEST. MAKE SURE YOU WRAP THE FOLLOWING TEXT WITH THE HTB FLAG FORMAT THEEFFECTIVEKEYSPACEOFCAESARDEPENDSONTHESIZEOFTHEALPHABET.
Flag
Entonces, la flag es:
HTB{THEEFFECTIVEKEYSPACEOFCAESARDEPENDSONTHESIZEOFTHEALPHABET}