It’s a hot day, and your skin is cracking and dry. It’s difficult to make your way through the crowded bazaar. A high pitch voice pierces through the soundscape from a salesman that’s trying to sell colorful fabrics and then from another corner comes delicious smells. You spot a hand waving - it’s your contact that you’ve been waiting to meet. "Take a seat, my friend, I’m Gökhan, have you been to Istanbul before? No, really? I’m sure that you will have a great time, I’ve ordered tea for the two of us. Show me the amulet, will you?. Wow, this is really something from my younger days, this is as mysterious as it is beautiful and belongs to “The cloaked brotherhood”. They are very dangerous, and eventhough your quest is urgent, I would advise you to not continue looking for the owner of this. Go home, and forget about it." In the blink of an eye, four tough guys show up, and you start to run together with Gökhan through the crowded marketplace and then up on a rooftop. The tough guys are closing in, but the two of you climb down from the rooftop, run around a corner and are able to hide in two crates.
#### Challenge: Twisted robot (misc)
We found this old robo caller. It basically generates random phone numbers to spam. We found the last list of numbers in generated and also some weird file... Maybe it's got to do with these new beta features they were testing?
Gökhan is pointing at a parked vehicle. He tells you that you will have to try and reach it and that if you stay where you are, that you will get captured sooner or later. The guards know the neighborhood like their own backpocket. At first you doubt the plan, it seems like a very risky option. Gökhan then finally tells you he's not going to stay there, and his last offer is for you to go with him.
Gökhan exits the crate, and makes a quick sprint for the car. The tough guys spot him, and they approach. As he enters the car he tries to start it, and the car makes an ominous sound, as the bad guys are closing in. He looks back through the rear window, and sees that the bad guys are about to jump on the back of the car, and they are pulling out guns. He tries to start the car furiously one more time and... IT WORKS! Gökhan disappears off in the distance. You overhear the tough guys when they are talking about a person, “Mesut”, that got classified information. You quickly send a message to the boss to look up the person. After a short wait you receive a response that he is currently on his private yacht in Croatia. Looks like it is time for some travel again.
As you and Gökhan are leaving the crates to enter a car, you spot the tough guys coming after you, and they are pulling out weapons. Gökhan starts the car and the two of you take off. After a decent distance outside of the city, he gives you an invitation to a private conference that will take place in Buenos Aires.
The attachment contains tree files: `RoboCaller1337.py`, `secret.enc` and `robo_numbers_list.txt`.
Looking at the python script, we can assume the other two files are generated with it. It contains a function `generateRandomNumbers()`, which generates 624 random phone numbers. It also has a function `encodeSecret()`, which encodes a key with a random number.
`robo_numbers_list.txt` looks like a big list with 624 phone numbers.
`secret.enc` appears to contain just raw bytes.
## Solving
When starting on this challenge I was actually clueless how to solve this. I though the key was random. But then I remembered why you don't use the default random methods. They're not actually random, but rather pseudorandom.
Pseudorandom numbers are generated using an algorithm that generates a sequence of numbers whose properties approximate the properties of sequences of random numbers. This sequence is determined by an initial value, called a seed. Although this seed could be actually random, once you know it, you can calculate all the values it would output.
From reading [the python documentation of `random.py`](https://github.com/python/cpython/blob/main/Lib/random.py), we can see it uses the Mersenne Twister algorithm with a period of 2^19937-1. Also known as MT19937.
When searching for an algorithm to predict its results, I came across [this library](https://github.com/kmyk/mersenne-twister-predictor). It seems that if you know the preceding 624 numbers, you can predict the next numbers.
So, let's install the package first:
```sh
pip install mersenne-twister-predictor
```
Then, we need a script to read the numbers and enter them in the predictor. Let's start out by creating an instance of the predictor:
```py
from mt19937predictor import MT19937Predictor
predictor = MT19937Predictor()
```
Then we need the numbers to enter. To get them, I reversed the algorithm in the `RoboCaller1337.py` file:
```py
with open("robo_numbers_list.txt", "r") as file:
for line in file:
number = int(line.replace("-", "")) - (1<<31)
predictor.setrandbits(number, 32)
```
Now that the numbers are added, we can read the `secret.enc` file, and try to decode it. Again, I reversed the algorithm in the original file.
```py
with open("secret.enc", "rb") as file:
secret = list(file.read())
flag= ""
key = [predictor.getrandbits(8) for _ in range(len(secret))]
