ECTF Crypto 400 Writeup

This is the question:

Given below is the link to the file which has the name of the best politician alive. But since the politician is very humble and doesn’t want to show off, he has encrypted the file. Your curiousness should get you the answer? Download crypto4.txt

The title suggests it’s XOR, so let’s launch a XOR analysis.

I used hellman’s xortool, a tool to analyze multi-byte XOR ciphers (https://github.com/hellman/xortool):

$ ./xortool.py -c20 -m64 crypto4.txt
 The most probable key lengths:
 2: 10.8%
 4: 16.0%
 6: 9.6%
 8: 14.1%
 10: 9.8%
 12: 10.6%
 14: 6.8%
 16: 8.7%
 20: 8.0%
 24: 5.7%
 Key-length can be 4*n
 1 possible key(s) of length 4:
 \x10]\x13\x14

This is the output file of hellman’s xortool’s analysis

$ cat xortool_out/0_\\x10\]\\x13\\x14 
C'ngr)tul)tio&s! s l'ng )s t e s=n r!seshfro% th- ea;t a&d s-ts !n t e w-st,<he 8lai& xo: ci8herhis ;til$ ve:y i&sec=re !f t e k-y i; mu+h s ort-r t an <he %ess)ge.hYou: fl)g:D: Ma&amo anahSin/hamh

We can assume the first word is “Congratulations”, and deduce the final XOR key from it and the corresponding bytes in xortool’s output:

$ echo "Congratulations"|hexdump -C|head -n 1
 00000000 43 6f 6e 67 72 61 74 75 6c 61 74 69 6f 6e 73 0a |Congratulations.|
$ hexdump -C 0_\\x10\]\\x13\\x14 | head -n 1
 00000000 43 27 6e 67 72 29 74 75 6c 29 74 69 6f 26 73 21 |C'ngr)tul)tio&s!| 
>>> s1 = "43 27 6e 67 72 29 74 75 6c 29 74 69 6f 26 73 21".replace(' ','').decode("hex")
>>> s2 = "43 6f 6e 67 72 61 74 75 6c 61 74 69 6f 6e 73 0a".replace(' ','').decode("hex")
>>> ' '.join('%02x' % (ord(s1[i]) ^ ord(s2[i])) for i in range(len(s1)))
'00 48 00 00 00 48 00 00 00 48 00 00 00 48 00 2b'

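00 48 00 00 repeats every four bytes (the trailing 2b is only the newline appended by echo, XORed with the “!” in the output), so that is the XOR key still to be applied to xortool’s output.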

I wrote a small script to decrypt the whole file

#!/usr/bin/env python2

txt = open("kk", "rb").read()
# Residual key derived above from the "Congratulations" crib
key = "00 48 00 00".replace(" ", "").decode("hex")

def my_xor(cipher, key):
    # XOR every byte with the key, repeating the key as needed
    keylen = len(key)
    res = ""

    for pos, c in enumerate(cipher):
        res += chr(ord(c) ^ ord(key[pos % keylen]))

    return res

print my_xor(txt, key)

Congratulations! As long as the sun rises from the east and sets in the west,the plain xor cipher is still very insecure if the key is much shorter than the message. Your flag:Dr Manamohana Singham

Flag: Dr Manamohana Singham
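
The crib step above, generalized into one Python 3 function that corrects a partly wrong key guess and returns the full key for the original ciphertext. This is an added example, not the author's script: the helper names are hypothetical, and the sample ciphertext is constructed from the plaintext shown on this page under an assumed key, because crypto4.txt itself is not reproduced here.

```python
from math import gcd

def xor(data: bytes, key: bytes) -> bytes:
    """Repeating-key XOR; the same call encrypts and decrypts."""
    return bytes(b ^ key[i % len(key)] for i, b in enumerate(data))

def shortest_period(stream: bytes) -> bytes:
    """Smallest prefix that reproduces the whole stream when repeated."""
    for p in range(1, len(stream) + 1):
        if all(b == stream[i % p] for i, b in enumerate(stream)):
            return stream[:p]
    return stream

def refine_key(ciphertext: bytes, guess: bytes, crib: bytes):
    """Fix a partly wrong key guess with known plaintext at offset 0.

    Returns (residual, full_key). The crib should span at least two key
    periods, otherwise the detected period is not trustworthy.
    """
    if not guess or not crib or len(crib) > len(ciphertext):
        raise ValueError("need a non-empty guess and a crib that fits")
    partial = xor(ciphertext, guess)  # what xortool wrote to disk
    residual = shortest_period(xor(partial[:len(crib)], crib))
    n = len(guess) * len(residual) // gcd(len(guess), len(residual))
    full = bytes(guess[i % len(guess)] ^ residual[i % len(residual)]
                 for i in range(n))
    return residual, shortest_period(full)

# Constructed sample: the opening of the plaintext shown on this page,
# encrypted under an assumed key (xortool's guess XOR the 00 48 00 00 fix).
PLAINTEXT = b"Congratulations! As long as the sun rises from the east"
ASSUMED_KEY = bytes.fromhex("10151314")
SAMPLE_CT = xor(PLAINTEXT, ASSUMED_KEY)
XORTOOL_GUESS = b"\x10]\x13\x14"  # key reported by xortool above

if __name__ == "__main__":
    residual, key = refine_key(SAMPLE_CT, XORTOOL_GUESS, b"Congratulations")
    print("residual:", residual.hex(" "))
    print("full key:", key.hex(" "))
    print(xor(SAMPLE_CT, key).decode())
```

Passing a single zero byte as the guess applies the same crib directly to a raw ciphertext, without a prior xortool run.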

 
