Well, I got my try2hack account back so I done this and posting the method I used.
First, this mission got an encryptor and message. I think the encryptor is worth looking so I put some silly word in and it output me some set of data. Worthless. So, I think I known that this mission is based by ASCII in a forum post(now lost) so I put a in and a with password. ord(a) = 97. This give me .078.100.016 so it’s 3 set of data. I trying add it up, it got 194. Now the password is 97, 194-97 = 97 OMG!
Wow, that’s was pretty easy. Now try with longer message with some looong password. I tried aa and password of aa it’s .107.104.080.043.112.136, I separated that to 2 set of data, adding them up and subtracted 97 off, now it get me 194?!? That number was familiar. Yeah, For each password character, subtract that down so I subtracted 97 again and get a. Cool.
Now let’s begin with the message. I tried brute forcing up to 6 character but with no result (or my algorithm was wrong) so I have to think again by statistic. First I though the message is in Thai so I added Thai support for my decoder. (The encoder runs on tis-620, not utf-8 so it’s hard to juggling encoding in Python) I think that the mission description said that it’s “letter” so it must begins with สวัสดี if it’s formal message (try2hack never use formal message, but it’s worth trying) I try to add 114+114+288 then subtracted 161(ก in tis-620) to get the key, this however cause the decoder to fail to converting encodings. So, I try to look at the message, found that it have lot of same character appearing near each other. Maybe it’s newline (20). Why don’t I think this in the first place?
No, it’s not. So I modified my decoder to get the lowest number, because it’s probably newline(20) or space(32). It showing me [CENSORED] is it. I tried subtracting 20 out, resulting in [CENSORED]-10. Yeah, that’s the password. The letter is in English 🙁 Well, the letter was begins with Dear, not สวัสดี and the author’s address was ridiculous!