I heard the onetime pad is perfectly secure so I used it to send an important
message to a friend, but now a UCLA competition is asking for the key? I threw
that out a long time ago! Can you help me recover it?
The problem description implies a weakness through key reuse. However, we can
easily recover the key because we are given both a plaintext and the
corresponding ciphertext for a simple XOR cipher.
The key is made up of the flag data, which is shorter than the actual message,
so it is repeated using Python's itertools.cycle to pad it out.
```
from itertools import cycle

pt = b"Long ago, the four nations lived together in harmony ..."
# The flag bytes appear as '?' placeholders here; cycle() repeats the key to cover pt.
key = cycle(b"lactf{??????????????}")
ct = ""
for i in range(len(pt)):
    # XOR each plaintext byte with the next key byte and emit it as two hex digits.
    b = (pt[i] ^ next(key))
    ct += f'{b:02x}'
print("ct =", ct)
#ct = 200e0d13461a055b4e592b0054543902462d1000042b045f1c407f18581b56194c150c13030f0a5110593606111c3e1f5e305e174571431e
```
To get the flag, we ran this algorithm in reverse:
```
#!/usr/bin/env python3
# Ciphertext from the challenge output, written as raw bytes.
ct = (
    b"\x20\x0e\x0d\x13\x46\x1a\x05\x5b\x4e\x59\x2b\x00\x54\x54\x39\x02"
    b"\x46\x2d\x10\x00\x04\x2b\x04\x5f\x1c\x40\x7f\x18\x58\x1b\x56\x19"
    b"\x4c\x15\x0c\x13\x03\x0f\x0a\x51\x10\x59\x36\x06\x11\x1c\x3e\x1f"
    b"\x5e\x30\x5e\x17\x45\x71\x43\x1e"
)
pt = b"Long ago, the four nations lived together in harmony ..."
key = ""
for i in range(len(pt)):
    # pt ^ ct cancels the plaintext and leaves the key byte used at position i.
    b = (pt[i] ^ ct[i])
    key += chr(b)
print(key)
```
Because the key was cycled, we see repeated characters in the output, but the
full flag is there.
```
lactf{b4by_h1t_m3_0ne_m0r3_t1m3}lactf{b4by_h1t_m3_0ne_m0
```
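A generalization of the script above, as an added example that is not part of the original writeup: it XORs the known plaintext with the ciphertext and then finds the smallest period of the keystream, so the key comes back once instead of with its wrapped-around tail. `PT` and `CT_HEX` are the values from the challenge source; the function names are assumptions of this example.

```python
# Added example: known-plaintext recovery of a repeating XOR key.
# PT and CT_HEX are copied from the challenge source; the helpers are illustrative.

PT = b"Long ago, the four nations lived together in harmony ..."
CT_HEX = ("200e0d13461a055b4e592b0054543902462d1000042b045f1c407f18581b5619"
          "4c150c13030f0a5110593606111c3e1f5e305e174571431e")


def xor_bytes(a: bytes, b: bytes) -> bytes:
    """XOR two equal-length byte strings."""
    if len(a) != len(b):
        raise ValueError("inputs must have the same length")
    return bytes(x ^ y for x, y in zip(a, b))


def smallest_period(stream: bytes) -> int:
    """Smallest p with stream[i] == stream[i - p] for every i >= p."""
    for p in range(1, len(stream)):
        if all(stream[i] == stream[i - p] for i in range(p, len(stream))):
            return p
    return len(stream)  # no repetition observed


def recover_key(pt: bytes, ct: bytes):
    """Return (key, repeat_seen).

    repeat_seen is False when the known plaintext is not longer than the key,
    so only a keystream prefix of unknown total length was recovered.
    """
    stream = xor_bytes(pt, ct)  # ct = pt ^ keystream, so pt ^ ct = keystream
    p = smallest_period(stream)
    return stream[:p], p < len(stream)


if __name__ == "__main__":
    ct = bytes.fromhex(CT_HEX)
    key, repeat_seen = recover_key(PT, ct)
    print(key.decode(), "(key wrapped around)" if repeat_seen else "(prefix only)")
    # Constructed case: only 8 known bytes, so just a key prefix is exposed.
    print(recover_key(PT[:8], ct[:8]))
```

The second call shows the limit of the technique: with known plaintext shorter than the key, only that many key bytes leak, which is why a true one-time pad (key as long as the message, never reused) does not fall to it.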