[16 bytes IV][ciphertext] Key derived from the hex string above:
char* get_encryption_key() char *env_key = getenv("FROSTY_KEY"); if (env_key != NULL && strlen(env_key) == 32) return env_key; // Hardcoded fallback key (hex string) return "5f4dcc3b5aa765d61d8327deb882cf99";
Decompiled pseudocode:
"mod_version": "2.1.0", "author": "FrostyTeam", "flag": "CTFfrosty_mod_3ncrypt10n_k3y_md5_1s_n0t_s3cur3"
cipher = AES.new(key, AES.MODE_CBC, iv) plaintext = cipher.decrypt(ciphertext) # Remove PKCS#7 padding pad_len = plaintext[-1] return plaintext[:-pad_len] key_hex = "5f4dcc3b5aa765d61d8327deb882cf99" decrypted = decrypt_frosty_config("frosty_config.bin", key_hex) print(decrypted.decode('utf-8')) frosty mod encryption key
[!] Missing encryption key. [+] Key loaded from environment variable FROSTY_KEY. [...] But the challenge states the key is hardcoded – so maybe a fallback exists.
Output:
That hex string 5f4dcc3b5aa765d61d8327deb882cf99 looks like an MD5 hash. Decode it as ASCII? No – it’s 32 hex characters → 16 bytes when decoded → likely the AES‑128 key. Further reversing shows the config file is encrypted with AES‑128‑CBC , IV is the first 16 bytes of the file.