Almost XOR – Crypto – CSAW17

Almost XOR – Crypto – CSAW17

For this challenge of crypto, we got a ciphered message and a python script. We knew from precedent challenge that flag are always of the form flag{XXXX}, so we make the assumption that it was the same here, so we got the first 5 chars of the ciphered so we got first part of the key : 3eb3bc25 and we could brute force to find that n=3.

ciphertext = '\x80\x9f\xdd\x88\xda\xfa\x96\xe3\xee\x60\xc8\xf1\x79\xf2\xd8\x89\x90\xef\x4f\xe3\xe2\x52\xcc\xf4\x62\xde\xae\x51\x87\x26\x73\xdc\xd3\x4c\xc9\xf5\x53\x80\xcb\x86\x95\x1b\x8b\xe3\xd8\x42\x98\x39'
flag = "flag{"
n = 3
nb_ok = (((8*len(flag))//f)*f)//8
keypart = decrypt(flag,ciphertext, n)[:nb_ok]
print keypart.encode('hex')
print len(ciphertext)
print f, nb_ok

But we also knew that last char of the flag is probably } so it gave us an other value of the key : c4. But we could not know if this value was in the middle of the key or at the end. So we try the key 3eb3bc25c4 :

ciphertext = '\x80\x9f\xdd\x88\xda\xfa\x96\xe3\xee\x60\xc8\xf1\x79\xf2\xd8\x89\x90\xef\x4f\xe3\xe2\x52\xcc\xf4\x62\xde\xae\x51\x87\x26\x73\xdc\xd3\x4c\xc9\xf5\x53\x80\xcb\x86\x95\x1b\x8b\xe3\xd8\x42\x98\x39'
key = '\x3e\xb3\xbc\x25\xe1\xc4'
n = 3
print decrypt(key, ciphertext, 3)

Which gave us the flag : flag{>x0r_i5_Add1+10n-m0D-2,’bU+_+h15_Wa5_m0d=8}

Leave a Reply

Your email address will not be published. Required fields are marked *