Skip to main content

xorxorxor

Who needs AES when you have XOR?

xor.py
#!/usr/bin/python3
import os
flag = open('flag.txt', 'r').read().strip().encode()

class XOR:
def __init__(self):
self.key = os.urandom(4)
def encrypt(self, data: bytes) -> bytes:
xored = b''
for i in range(len(data)):
xored += bytes([data[i] ^ self.key[i % len(self.key)]])
return xored
def decrypt(self, data: bytes) -> bytes:
return self.encrypt(data)

def main():
global flag
crypto = XOR()
print ('Flag:', crypto.encrypt(flag).hex())

if __name__ == '__main__':
main()
output.txt
Flag: 134af6e1297bc4a96f6a87fe046684e8047084ee046d84c5282dd7ef292dc9

Solution

This WriteUp Solution is password protected by the flag of the challenge.

In this challenge, the key is 4 byte long and the flag is encrypted using XOR. And also we know the first 4 bytes of flag which is flag_format HTB{. So we can find key by xoring first 4 bytes of ciphertext with flag_format.Once we find the key, we can decrypt the flag.

solve.py
encrypted_flag = "134af6e1297bc4a96f6a87fe046684e8047084ee046d84c5282dd7ef292dc9"

encrypted_flag = bytes.fromhex(encrypted_flag)
key=b""
key+=bytes([encrypted_flag[0]^ord('H')])
key+=bytes([encrypted_flag[1]^ord('T')])
key+=bytes([encrypted_flag[2]^ord('B')])
key+=bytes([encrypted_flag[3]^ord('{')])

xored = b''
for i in range(len(encrypted_flag)):
xored += bytes([encrypted_flag[i] ^ key[i % len(key)]])
print(xored.decode())

After running the script, we get the flag HTB{rep34t3d_x0r_n0t_s0_s3cur3}