# Cryptohack Challenges 01 - Introduction to Cryptohack


In [1]:
# Great SNakes

#!/usr/bin/env python3

import sys
# import this

if sys.version_info.major == 2:
    print("You are running Python 2, which is no longer supported. Please update to Python 3.")

ords = [81, 64, 75, 66, 70, 93, 73, 72, 1, 92, 109, 2, 84, 109, 66, 75, 70, 90, 2, 92, 79]

print("Here is your flag:")
print("".join(chr(o ^ 0x32) for o in ords))

Here is your flag:
crypto{z3n_0f_pyth0n}


In [3]:
ascii_values = [99, 114, 121, 112, 116, 111, 123, 65, 83, 67, 73, 73, 95, 112, 114, 49, 110, 116, 52, 98, 108, 51, 125]

# Convert each integer to its corresponding ASCII character and join to form the flag
flag = ''.join(chr(value) for value in ascii_values)
flag

'crypto{ASCII_pr1nt4bl3}'

In [4]:
# Included below is a flag encoded as a hex string. Decode this back into bytes to get the flag.

hex_string = '63727970746f7b596f755f77696c6c5f62655f776f726b696e675f776974685f6865785f737472696e67735f615f6c6f747d'
bytes.fromhex(hex_string)

b'crypto{You_will_be_working_with_hex_strings_a_lot}'

In [13]:
# Take the below hex string, decode it into bytes and then encode it into Base64.
import base64

hex_string_2 = '72bca9b68fc16ac7beeb8f849dca1d8a783e8acf9679bf9269f7bf'
hex_bytes = bytes.fromhex(hex_string_2)

base64_encoded = base64.b64encode(hex_bytes).decode("utf-8")
base64_encoded

'crypto/Base+64+Encoding+is+Web+Safe/'

In [1]:
from Crypto.Util.number import *
#  Python's PyCryptodome library implements this with the methods bytes_to_long() and long_to_bytes().

# Convert the following integer back into a message:
integer_value = 11515195063862318899931685488813747395775516287289682636499965282714637259206269

# Convert the integer back to a byte message
message = long_to_bytes(integer_value).decode("utf-8")
message


'crypto{3nc0d1n6_4ll_7h3_w4y_d0wn}'

In [2]:
# Given the string 'label', XOR each character with the integer 13. 
# Convert these integers back to a string and submit the flag as crypto{new_string}.

# Given string
label = "label"

# XOR each character in the string with 13 and convert it back to a character
new_string = ''.join(chr(ord(char) ^ 13) for char in label)

# Format the final flag
flag = f"crypto{{{new_string}}}"
flag


'crypto{aloha}'

# XOR Properties
There are four main properties we should consider when we solve challenges using the XOR operator

```
Commutative: A ⊕ B = B ⊕ A
Associative: A ⊕ (B ⊕ C) = (A ⊕ B) ⊕ C
Identity: A ⊕ 0 = A
Self-Inverse: A ⊕ A = 0
```

Let's break this down. Commutative means that the order of the XOR operations is not important. Associative means that a chain of operations can be carried out without order (we do not need to worry about brackets). The identity is 0, so XOR with 0 "does nothing", and lastly something XOR'd with itself returns zero.

Let's put this into practice! Below is a series of outputs where three random keys have been XOR'd together and with the flag. Use the above properties to undo the encryption in the final line to obtain the flag.

```
KEY1 = a6c8b6733c9b22de7bc0253266a3867df55acde8635e19c73313
KEY2 ^ KEY1 = 37dcb292030faa90d07eec17e3b1c6d8daf94c35d4c9191a5e1e
KEY2 ^ KEY3 = c1545756687e7573db23aa1c3452a098b71a7fbf0fddddde5fc1
FLAG ^ KEY1 ^ KEY3 ^ KEY2 = 04ee9855208a2cd59091d04767ae47963170d1660df7f56f5faf
```


In [3]:
# Re-checking the XOR logic with hex decoding, XOR properties, and correct ordering

# Redefine given hexadecimal strings as bytes
key1 = bytes.fromhex("a6c8b6733c9b22de7bc0253266a3867df55acde8635e19c73313")
key2_xor_key1 = bytes.fromhex("37dcb292030faa90d07eec17e3b1c6d8daf94c35d4c9191a5e1e")
key2_xor_key3 = bytes.fromhex("c1545756687e7573db23aa1c3452a098b71a7fbf0fddddde5fc1")
flag_xor_key1_key3_key2 = bytes.fromhex("04ee9855208a2cd59091d04767ae47963170d1660df7f56f5faf")

# Derive KEY2 from KEY1 and (KEY2 XOR KEY1)
key2 = bytes(a ^ b for a, b in zip(key1, key2_xor_key1))

# Derive KEY3 from KEY2 and (KEY2 XOR KEY3)
key3 = bytes(a ^ b for a, b in zip(key2, key2_xor_key3))

# Derive FLAG from FLAG XOR KEY1 XOR KEY3 XOR KEY2 by XOR-ing with KEY1, KEY2, and KEY3
flag = bytes(a ^ b ^ c ^ d for a, b, c, d in zip(flag_xor_key1_key3_key2, key1, key2, key3))

# Convert the final result to a readable string, if possible
flag.decode("utf-8")


'crypto{x0r_i5_ass0c1at1v3}'

In [5]:
# I've hidden some data using XOR with a single byte, but that byte is a secret. Don't forget to decode from hex first.

hex_string = "73626960647f6b206821204f21254f7d694f7624662065622127234f726927756d"
byte_data = bytes.fromhex(hex_string)

# Retry XOR decoding with a stricter validation to identify readable English text

# Loop through possible single-byte keys
for key in range(256):
    # XOR each byte with the current key
    decoded_bytes = bytes(b ^ key for b in byte_data)

    # Convert the XORed bytes to a string and check if it forms readable text
    try:
        decoded_message = decoded_bytes.decode("utf-8")
        # Look for readable phrases starting with 'crypto{' as per previous flags
        if "crypto{" in decoded_message:
            flag = decoded_message
            break
    except UnicodeDecodeError:
        continue  # Skip any non-decodable byte sequences

flag


'crypto{0x10_15_my_f4v0ur173_by7e}'

In [7]:
# I've encrypted the flag with my secret key, you'll never be able to guess it.
# Remember the flag format and how it might help you in this challenge!
encrypted_hex = "0e0b213f26041e480b26217f27342e175d0e070a3c5b103e2526217f27342e175d0e077e263451150104 "
encrypted_bytes = bytes.fromhex(encrypted_hex)

# Known format "crypto{" suggests part of the key can be determined.
# We'll assume the key might repeat itself across the encrypted message.
# Hypothesis: Using 'crypto{' part to infer the repeating key pattern.
known_part = "crypto{"
partial_key = bytes([encrypted_bytes[i] ^ ord(known_part[i]) for i in range(len(known_part))])

# Extend the key to the length of the encrypted message by repeating it
full_key = partial_key * (len(encrypted_bytes) // len(partial_key)) + partial_key[:len(encrypted_bytes) % len(partial_key)]

# Trying the full flag format length to refine the key more accurately
# Re-examining the partial key and possible length based on the observed flag format structure
possible_key_guess = "myXORkey"  # Hypothetical guess based on pattern matching and common phrases

# Extend the key guess across the encrypted message length
repeated_key = (possible_key_guess * (len(encrypted_bytes) // len(possible_key_guess))) + possible_key_guess[:len(encrypted_bytes) % len(possible_key_guess)]

# Decrypt with this refined key
decrypted_message = ''.join(chr(b ^ ord(k)) for b, k in zip(encrypted_bytes, repeated_key))
decrypted_message

'crypto{1f_y0u_Kn0w_En0uGH_y0u_Kn0w_1t_4ll}'