[CSAW_Qualification_2017] Another Xor | Ph03nix Team

BlackWings

Question:


Backup: Another_Xor_Question

Special thanks to a member of the MSEC team who told me about a special char in XOR_STRING, and an amazing idea came =]]


[ PLAINTEXT + KEY + md5(PLAINTEXT + KEY) ] ^ [ XOR_STRING ] = CIPHERTEXT
XOR_STRING = KEY + KEY + KEY + …
len( PLAINTEXT + KEY + md5(PLAINTEXT + KEY) ) == len( CIPHERTEXT ) == 137

First: since a ^ b = c implies c ^ b = a, and the flag has the form ‘flag{bla_bla_bla}’, the first 5 chars of the flag give the first 5 chars of the key:
flag{ ^ CIPHERTEXT[:5] = KEY[:5] = ‘A qua’

Second: because the md5 has 32 chars, each in [a-z0-9], I wrote a script to analyze all possible cases for each char in XOR_STRING[-32:]





You can see that XOR_STRING[134] has 6 possible cases {@, A, C, D, F, G}; one of them is ‘A’, and KEY[0] == ‘A’

So I think XOR_STRING = KEY*n + ‘A q’
But len(PLAINTEXT + KEY) == 137 - 32 == 105
    len(XOR_STRING) == 137
    len(‘flag{}’) == 6

==> 6 < len(KEY) < 91
==> 1 < n < 22
    but len(KEY) * n == 134, which means 134 must be divisible by n
==> n == 2

FINAL STEP

len(KEY) == 134/2 == 67 and len(PLAINTEXT) + len(KEY) == 105
==> len(PLAINTEXT) == 38

PLAINTEXT + KEY == 'flag{' + '_'*(38-6) + '}A qua' + '_'*(67-5)
XOR_STRING      == 'A qua' + '_'*(67-5) + 'A qua' + '_'*(67-5) + 'A q'


Recover script: recover_plaintext.py
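The FINAL STEP above, carried through in code as an added example (this is not the recover_plaintext.py linked in this post). The function names, the sample plaintext and the sample key are constructed for illustration; only the scheme, the lengths 38 and 67 and the 'flag{' crib come from the write-up.

```python
import hashlib

def encrypt(plaintext: bytes, key: bytes) -> bytes:
    """Scheme from the write-up: (P + K + md5(P + K)) ^ (K repeated)."""
    msg = plaintext + key
    msg += hashlib.md5(msg).hexdigest().encode()
    return bytes(m ^ key[i % len(key)] for i, m in enumerate(msg))

def recover(ct: bytes, pt_len: int, key_len: int, crib: bytes):
    """Recover (plaintext, key) from the ciphertext, both lengths and a crib."""
    key = [None] * key_len
    pending = []
    # Seed: known plaintext prefix ^ ciphertext = first key bytes.
    for i, c in enumerate(crib):
        key[i] = c ^ ct[i]
        pending.append(i)
    while pending:
        j = pending.pop()
        # Visit every position of P + K that was XORed with key[j].
        for i in range(j, pt_len + key_len, key_len):
            k = i - pt_len  # index into the key copy embedded in the message
            if k >= 0 and key[k] is None:
                key[k] = ct[i] ^ key[j]  # decrypted byte is itself a key byte
                pending.append(k)
    if None in key:
        raise ValueError("crib does not propagate to every key byte")
    msg = bytes(c ^ key[i % key_len] for i, c in enumerate(ct))
    body, digest = msg[:pt_len + key_len], msg[pt_len + key_len:]
    # The trailing md5 confirms the guessed lengths and the recovered key.
    if hashlib.md5(body).hexdigest().encode() != digest:
        raise ValueError("md5 check failed: wrong lengths or crib")
    return msg[:pt_len], bytes(key)

# Constructed sample values (not the challenge's real flag or key).
PLAINTEXT = b"flag{constructed_sample_flag_for_demo}"  # 38 bytes
KEY = bytes(32 + (7 * i + 3) % 94 for i in range(67))   # 67 printable bytes
CIPHERTEXT = encrypt(PLAINTEXT, KEY)                    # 137 bytes

if __name__ == "__main__":
    pt, key = recover(CIPHERTEXT, pt_len=38, key_len=67, crib=b"flag{")
    print(pt.decode())
    print(key.decode())
```

Each known key byte KEY[j] reveals KEY[(j + 29) % 67] through the key copy embedded in the message, and since 29 and 67 are coprime a single known byte reaches the whole key.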




FLAG: flag{sti11_us3_da_x0r_for_my_s3cratz}