# 💩 One Time Poop
### Cryptography - A bit complicated

> 💬 **Desc**: I was encrypting my flag using OTP encryption, but just thinking about how robust and secure it is made me want to go to the bathroom and in the end I only used a 4-byte key. Hopefully there won't be any problems...

> 🔓 **Hint**: OTP encryption should have a key as long as the message to be truly secure.

> 🔓 **Hint**: How many characters do you know from the original message?

---

## Build the challenge

In [1]:
from random import randint

In [2]:
FLAG = 'KikeCTF{0n3_71ny_p00p}' # CHANGE ME

In [3]:
KEYLEN = 4                      # CHANGE ME

In [4]:
KEY = [ randint(0,255) for _ in range(KEYLEN) ]

print(''.join([ "{:02x}".format(ord(FLAG[i]) ^ KEY[i % KEYLEN]) for i in range(len(FLAG)) ]))

f1572873f96a056d8a5070498d0f2d6fe54e7326ca43


---

## Walkthrough


When the `OTP` key is neither random nor the same length as the message to be encrypted, a brute force attack can be performed ***if you know a part of the original message that is as long as the key***. 

We only need to separate the bytes associated with the known string and perform the `XOR` operation. The result will be the key that can be reused in the rest of the blocks.

---

## Auto-solvers

In [5]:
CHALLENGE = '174f85031f72a81d6c48dd396b17801f0356de562c5b'

In [6]:
KNOWNTEXT = 'Kike'

### Python

In [7]:
chl = bytes.fromhex(CHALLENGE)
key = [ chl[i] ^ ord(KNOWNTEXT[i]) for i in range(len(KNOWNTEXT)) ]
print('Key:', ''.join([ '{:02x}'.format(k) for k in key ]))
print('Msg:', ''.join([ chr(chl[i] ^ key[i % len(KNOWNTEXT)]) for i in range(len(chl)) ]))

Key: 5c26ee66
Msg: KikeCTF{0n3_71ny_p00p}
