UIUCTF 2017 - 100 - High School Crypto - Crypto

Information

Version

| By    | Version | Comment  |
|-------|---------|----------|
| noraj | 1.0     | Creation |

CTF

Description

Bulljog isn't much harder than this one.

encrypt.py encryptme.txt.out

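Solution

encrypt.py is a simple repeating-key XOR: each byte of the file is XORed with the key, which is cycled over the length of the input: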

import sys, itertools
if(len(sys.argv) != 3):
    print("Usage: [FILE] [KEY]")
    exit(-1)

filename = sys.argv[1]
key = sys.argv[2]

with open(filename, 'rb') as plaintext:
    raw = plaintext.read()
    print(len(raw))
    with open(filename + '.out', 'wb') as ciphertext:
        for l, r in zip(raw, itertools.cycle(key)):
            ciphertext.write( (l ^ ord(r)).to_bytes(1, byteorder='big') )

Let's have xortool show us the most probable key lengths:

$ xortool encryptme.txt.out
The most probable key lengths:
   1:   8.2%
   3:   11.0%
   6:   10.0%
   9:   21.0%
  12:   7.7%
  15:   6.9%
  18:   13.7%
  27:   9.4%
  36:   6.8%
  45:   5.3%
Key-length can be 3*n
Most possible char is needed to guess the key!

xortool tells us there is a 21% chance that the key is 9 bytes long, so let's try it:

$ xortool encryptme.txt.out -l 9 -o
200 possible key(s) of length 9:
\x04EYS[\x06Q^T
\x04EYS[CQ^T
\x05DXRZ\x07P_U
\x05DXRZBP_U
\x06G[QY\x04S\\V
...
Found 89 plaintexts with 95.0%+ printable characters
See files filename-key.csv, filename-char_used-perc_printable.csv

One key looks almost right:

$ cat xortool_out/filename-key.csv | grep 189
xortool_out/189.out;\x14UICKSAND

Only the first byte (\x14) is off and the rest reads UICKSAND, so let's try QUICKSAND:

$ xortool-xor -f encryptme.txt.out -s QUICKSAND
RSA and DSA can fail catastrophically when used with
malfunctioning random number generators, but the extent
to which these problems arise in practice has never been
comprehensively studied at Internet scale. We perform
the largest ever network survey of TLS and SSH servers
and present evidence that vulnerable keys are surprisingly
widespread. We find that 0.75% of TLS certificates share
keys due to insufficient entropy during key generation,

[...]

The output is 100% printable text, so we have the right key. Now we need to find the flag:

$ xortool-xor -f encryptme.txt.out -s QUICKSAND | grep -i flag
flag{st8_0f_grac3}
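
The two steps above (guess the key length, then recover the key) can be reproduced in a few lines. This is an added example, not part of the original write-up and not xortool's code: it ranks key lengths by the index of coincidence of their columns, then solves each column as a single-byte XOR with a simple printable-text score. The sample plaintext is constructed and the function names are illustrative.

```python
import itertools
from collections import Counter

# Constructed sample plaintext (the challenge file is not reproduced here).
SAMPLE = (
    b"A repeating key turns one long message into several short ones. Every "
    b"byte that meets the same key position is protected by the same single "
    b"value, so the letter statistics of ordinary language survive inside "
    b"each column. Spaces and common letters still stand out, and counting "
    b"them is enough to find each key byte without knowing anything else "
    b"about the text. This is why a short secret stretched over a large file "
    b"gives no real confidentiality, and why a keystream has to be at least "
    b"as unpredictable as the data it hides. Real designs take that stream "
    b"from a vetted cipher with a fresh nonce for every message they send."
)

def xor_cycle(data: bytes, key: bytes) -> bytes:
    """Same operation as encrypt.py: XOR every byte with the cycled key."""
    return bytes(b ^ k for b, k in zip(data, itertools.cycle(key)))

def index_of_coincidence(col: bytes) -> float:
    """Chance that two bytes drawn from col are equal; high for one-key text."""
    n = len(col)
    return sum(c * (c - 1) for c in Counter(col).values()) / (n * (n - 1))

def rank_key_lengths(ct: bytes, max_len: int = 12) -> list:
    """Key lengths ordered by the average coincidence index of their columns."""
    def avg_ic(n: int) -> float:
        return sum(index_of_coincidence(ct[i::n]) for i in range(n)) / n
    return sorted(range(1, max_len + 1), key=avg_ic, reverse=True)

def score(col: bytes) -> int:
    """Reward spaces and lowercase letters, punish non-printable bytes."""
    good = sum(b == 0x20 or 0x61 <= b <= 0x7A for b in col)
    printable = sum(0x20 <= b <= 0x7E for b in col)
    return 3 * good + (printable - good) - 10 * (len(col) - printable)

def recover_key(ct: bytes, key_len: int) -> bytes:
    """Solve each column as an independent single-byte XOR."""
    return bytes(
        max(range(256), key=lambda k: score(bytes(b ^ k for b in ct[i::key_len])))
        for i in range(key_len)
    )

if __name__ == "__main__":
    ct = xor_cycle(SAMPLE, b"QUICKSAND")  # key taken from the write-up
    n = rank_key_lengths(ct)[0]
    print(n, recover_key(ct, n))
```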