[!] Missing encryption key. [+] Key loaded from environment variable FROSTY_KEY. [...] But the challenge states the key is hardcoded – so maybe a fallback exists.
cipher = AES.new(key, AES.MODE_CBC, iv) plaintext = cipher.decrypt(ciphertext) # Remove PKCS#7 padding pad_len = plaintext[-1] return plaintext[:-pad_len] key_hex = "5f4dcc3b5aa765d61d8327deb882cf99" decrypted = decrypt_frosty_config("frosty_config.bin", key_hex) print(decrypted.decode('utf-8')) frosty mod encryption key
"mod_version": "2.1.0", "author": "FrostyTeam", "flag": "CTFfrosty_mod_3ncrypt10n_k3y_md5_1s_n0t_s3cur3" frosty mod encryption key
import binascii key_hex = "5f4dcc3b5aa765d61d8327deb882cf99" key = binascii.unhexlify(key_hex) # 16 bytes Check if it’s actually MD5 of something: echo -n "frosty" | md5sum → 5f4dcc3b5aa765d61d8327deb882cf99 ✅ frosty mod encryption key
In Ghidra, search for the string "FROSTY_KEY" → cross‑reference to a function get_encryption_key() .
So the hardcoded key = . 5. Decrypting the Config The file frosty_config.bin is provided.