[crypto] 암호학 CTF 대비
Loading content...
💡
XOR Properties
1#! /usr/bin/env python3
2
3from pwn import xor, unhex
4
5# KEY1 = a6c8b6733c9b22de7bc0253266a3867df55acde8635e19c73313
6# KEY2 ^ KEY1 = 37dcb292030faa90d07eec17e3b1c6d8daf94c35d4c9191a5e1e
7# KEY2 ^ KEY3 = c1545756687e7573db23aa1c3452a098b71a7fbf0fddddde5fc1
8# FLAG ^ KEY1 ^ KEY3 ^ KEY2 = 04ee9855208a2cd59091d04767ae47963170d1660df7f56f5faf
9
10KEY1 = 'a6c8b6733c9b22de7bc0253266a3867df55acde8635e19c73313'
11
12KEY2 = xor(unhex(KEY1), unhex('37dcb292030faa90d07eec17e3b1c6d8daf94c35d4c9191a5e1e'))
13
14KEY3 = xor((KEY2), unhex('c1545756687e7573db23aa1c3452a098b71a7fbf0fddddde5fc1'))
15
16FLAG = xor(unhex(KEY1), xor((KEY3), xor((KEY2), unhex('04ee9855208a2cd59091d04767ae47963170d1660df7f56f5faf'))))
17
18print(FLAG)
19
20########################################
21#pwntools library has xor() functions
22
23#Commutative: A ⊕ B = B ⊕ A
24#Associative: A ⊕ (B ⊕ C) = (A ⊕ B) ⊕ C
25#Identity: A ⊕ 0 = A
26#Self-Inverse: A ⊕ A = 0
27
28#unhex()
29#xor( , )Flag
b'crypto{x0r_i5_ass0c1at1v3}’
💡
Favourite byte
1#! /usr/bin/env python3
2
3from pwn import xor, unhex
4
5
6#73626960647f6b206821204f21254f7d694f7624662065622127234f726927756d
7
8#remember pwntools xor function is byte by byte
9#unhex funtion converts hex string to bytes
10
11for a in range(256):
12 print(xor(unhex('73626960647f6b206821204f21254f7d694f7624662065622127234f726927756d'), a))1#output
2
3b"sbi`d\x7fk h! O!%O}iOv$f eb!'#Ori'um"
4b'rchae~j!i !N $N|hNw%g!dc &"Nsh&tl'
5b'q`kbf}i"j#"M#\'M\x7fkMt&d"g`#%!Mpk%wo'
6b'pajcg|h#k"#L"&L~jLu\'e#fa"$ Lqj$vn'
7b"wfmd`{o$l%$K%!KymKr b$af%#'Kvm#qi"
8b'vgleazn%m$%J$ JxlJs!c%`g$"&Jwl"ph'
9b'udofbym&n\'&I\'#I{oIp"`&cd\'!%Ito!sk'
10b'tengcxl\'o&\'H&"HznHq#a\'be& $Hun rj'
11b'{jahlwc(`)(G)-GuaG~,n(mj)/+Gza/}e'
12b'zk`imvb)a()F(,Ft`F\x7f-o)lk(.*F{`.|d'
13b'yhcjnua*b+*E+/EwcE|.l*oh+-)Exc-\x7fg'
14b'xibkot`+c*+D*.DvbD}/m+ni*,(Dyb,~f'
15b'\x7fnelhsg,d-,C-)CqeCz(j,in-+/C~e+ya'
16b'~odmirf-e,-B,(BpdB{)k-ho,*.B\x7fd*x`'
17b'}lgnjqe.f/.A/+AsgAx*h.kl/)-A|g){c'
18b'|mfokpd/g./@.*@rf@y+i/jm.(,@}f(zb'
19b'crypto{0x10_15_my_f4v0ur173_by7e}'
20b'bsxqunz1y01^04^lx^g5w1ts062^cx6d|'
21b'ap{rvmy2z32]37]o{]d6t2wp351]`{5g\x7f'
22b'`qzswlx3{23\\26\\nz\\e7u3vq240\\az4f~'
23b'gv}tpk\x7f4|54[51[i}[b0r4qv537[f}3ay'
24b'fw|uqj~5}45Z40Zh|Zc1s5pw426Zg|2`x'
25b'et\x7fvri}6~76Y73Yk\x7fY`2p6st715Yd\x7f1c{'
26b'du~wsh|7\x7f67X62Xj~Xa3q7ru604Xe~0bz'
27b'kzqx|gs8p98W9=WeqWn<~8}z9?;Wjq?mu'
28b'CRYPTO[\x10X\x11\x10\x7f\x11\x15\x7fMY\x7fF\x14V\x10UR\x11\x17\x13\x7fBY\x17E]'
29b'BSXQUNZ\x11Y\x10\x11~\x10\x14~LX~G\x15W\x11TS\x10\x16\x12~CX\x16D\\'
30b'AP[RVMY\x12Z\x13\x12}\x13\x17}O[}D\x16T\x12WP\x13\x15\x11}@[\x15G_'
31b'@QZSWLX\x13[\x12\x13|\x12\x16|NZ|E\x17U\x13VQ\x12\x14\x10|AZ\x14F^'
32b'GV]TPK_\x14\\\x15\x14{\x15\x11{I]{B\x10R\x14QV\x15\x13\x17{F]\x13AY'
33b'FW\\UQJ^\x15]\x14\x15z\x14\x10zH\\zC\x11S\x15PW\x14\x12\x16zG\\\x12@X'
34b'ET_VRI]\x16^\x17\x16y\x17\x13yK_y@\x12P\x16ST\x17\x11\x15yD_\x11C['
35b'DU^WSH\\\x17_\x16\x17x\x16\x12xJ^xA\x13Q\x17RU\x16\x10\x14xE^\x10BZ'
36b'KZQX\\GS\x18P\x19\x18w\x19\x1dwEQwN\x1c^\x18]Z\x19\x1f\x1bwJQ\x1fMU'
37b'J[PY]FR\x19Q\x18\x19v\x18\x1cvDPvO\x1d_\x19\\[\x18\x1e\x1avKP\x1eLT'
38b'IXSZ^EQ\x1aR\x1b\x1au\x1b\x1fuGSuL\x1e\\\x1a_X\x1b\x1d\x19uHS\x1dOW'
39b'HYR[_DP\x1bS\x1a\x1bt\x1a\x1etFRtM\x1f]\x1b^Y\x1a\x1c\x18tIR\x1cNV'
40b'\x8e\x9f\x94\x9d\x99\x82\x96\xdd\x95\xdc\xdd\xb2\xdc\xd8\xb2\x80\x94\xb2\x8b\xd9\x9b\xdd\x98\x9f\xdc\xda\xde\xb2\x8f\x94\xda\x88\x90'
41b'\x8d\x9c\x97\x9e\x9a\x81\x95\xde\x96\xdf\xde\xb1\xdf\xdb\xb1\x83\x97\xb1\x88\xda\x98\xde\x9b\x9c\xdf\xd9\xdd\xb1\x8c\x97\xd9\x8b\x93'
42b'\x8c\x9d\x96\x9f\x9b\x80\x94\xdf\x97\xde\xdf\xb0\xde\xda\xb0\x82\x96\xb0\x89\xdb\x99\xdf\x9a\x9d\xde\xd8\xdc\xb0\x8d\x96\xd8\x8a\x92'Flag
b'crypto{0x10_15_my_f4v0ur173_by7e}'
💡
You either know, XOR you don’t
1#idea: flag always starts with b'crypto{
2
3#! /usr/bin/env python3
4
5from pwn import xor
6
7#0e0b213f26041e480b26217f27342e175d0e070a3c5b103e2526217f27342e175d0e077e263451150104
8
9encoded = bytes.fromhex("0e0b213f26041e480b26217f27342e175d0e070a3c5b103e2526217f27342e175d0e077e263451150104")
10
11print(xor(encoded, b'crypto{')) #xor해서 key 추출
12
13print(xor(encoded, b'myXORkey')) #추출된 key 활용Flag
b'crypto{1f_y0u_Kn0w_En0uGH_y0u_Kn0w_1t_4ll}’
💡
Extended GCD
