MAPNACTF 2024 - What Next Challenge

Posted on Jan 20, 2024
tl;dr: Deciphering an encrypted message by reversing a simple XOR operation with a known key.

What Next

Challenge Overview

The “What Next” challenge involved decrypting an encrypted message. The encryption was performed using a simple XOR operation, and the key was provided, making the task of decryption straightforward.

Methodology

The provided Python script hinted at the encryption mechanism:

#!/usr/bin/env python3

from random import *
from Crypto.Util.number import *
from flag import flag

def encrypt(msg, KEY):
	m = bytes_to_long(msg)
	c = KEY ^ m
	return c

n = 80
TMP = [getrandbits(256) * _ ** 2 for _ in range(n)]
KEY = sum([getrandbits(256 >> _) for _ in range(8)]) 

enc = encrypt(flag, KEY)

print(f'TMP = {TMP}')
print(f'KEY = {KEY}')
print(f'enc = {enc}')

We get the following output.txt:

TMP = [0, 60532113298156934035006892408508955361282411773999112364347341111075018147927, 389708033651020865401865717693397865196213972164600460902422823183461779915980, 405918065202512971659130608346843374237984902589139232574420604120059844720341, 1221288278415504784467034784431436409217396366988324269872668238978249045586368, 227272449199630828507165833400505281743840056074337728659380026370174597983400, 3253503829229933909142928710502222745989372185283055446591180092486412602783216, 5285988746830110954075248573612981420829816533804399404046882938020472042330356, 1595336926944568705525401229738700126737605961193041889427425025694023495226176, 7954983836536199412561303342870946300319308569704526681942922892057412417369996, 9131160911707622814886835054526857850430982962993746463098999466544684215014000, 7533615981375704965377803926757920571133747559444638616597692539324665788824241, 9066823514420452679519089047747738557989264923523328666138044339979172532091952, 11067455968068371535244972547693443476921719558645991175617294899803940399861323, 14537042287558789972327728985738890609505033466725608088977070967810362118279248, 4572250646126446008858673089127752592787335839144590539404665629413086318239650, 6294362797378922374391238457327978545276595686984712745478781562202157935775488, 22747367842710135893711619452307079245750111941624369856170309106764880998100552, 6004893915710283480070189414407284168050988366555745204074130859740178577433240, 14420752900418475271133573248938786225809597358248108049760284685159047602036537, 43733009974069364671572839996339051940609184658654624940598489171524524051944400, 35346194693613025068395009821809884943769752588359988505793537720962714260019869, 42204169462513802238599356946318680734527685184414356760365290489529820960713072, 34277378263896547381266820799512178423239236243790865361707633583497481357796407, 65716310119362366398237218525711748744052085839683547702975404773566674635748352, 
46557817276176359993118228055060795747091243514590105677103910660112788974583750, 77490786359937960192983922284789298329689351038928181926278354279011358030727124, 80111990003818834469282875276984278230143118837645016537448310618261479083651342, 20554557048628019672240583641369145446540900712224309311213526066135949044952288, 62735818615066536453205944582471026825278180907531123883210362947117955616343781, 86042719783890082289653687251665836736491344225760521302063306208331002685576500, 25965698487671814117818570753889366721907386924362900403011501627358460499758383, 29616377817002001833630895361629451907964508596441826676791174072122929285049344, 15021399892362753107059884462124333866295538287397369553705410328403621774185468, 38002604304046319679742306015002655608233191413179528560874731009946042988120788, 93295366307461634335632781504982997626366942447637302439067556300965151557831725, 13540230203788528048897000123546822994874145971630139618336417120723676174022384, 154432198666672358575141914680506005090971687803151597762263520020713308780579072, 72136447292935153078321891268785033320056922245403740454889157780753773717242568, 25501852421215926138677841658578129717118066368151623403551273037829983575243468, 126735578787059666358271681647457626985119387894943043206239792071598867033556800, 135202944925842633454294137881609034393280829104975826296437659832444402212706990, 195878634803984461306574869979621981219794907747012161075921193902109987239350696, 70016262426074427215170249788098050659024805306136436354383469618536112786361350, 35956258331474238072248600117735641962702369830606009799455005594969570110652976, 22225110718496125427125444008161845696087660990666988086936919846739655848747525, 27548874118316168690466237353230253832267098824834641381166573208182433313572936, 217350749041695488338708373584952864553819378993764330831653495907756867001916100, 257655749972831097290040240403045642767794308639832322802465135822003512301701120, 
170931799252374463455850569878339599585582089254513276315581340035784063404547904, 260648666226967018693658250893274370482164362954223893135614467834502818278817500, 69425639907308137984060966310312800675576800616943121851698019398372874074587564, 38272797691322675978111710027833013466477209475584360707344650868692232767605712, 159989233909295381868776328891896676159494718709642790902586750185703386017519100, 239424076217975267533547688379482794244638593887104216992730670874367591889686424, 235805166260230600224517436738096467578276265139558424271706458619605152151155650, 312887850933221623827051251636459958804378796969233372438708909260471396708839360, 226254410804533566347737443581029620895018482953889083109343308899334155214465084, 75663356945666060728297569858199894519238029780108571803169998187745851675033696, 379521198853533961681034095706543224338730654829393858931702778389925326037905581, 146969137746310211928872994682693200202368153046275429574482720738790962130698000, 294260825765970965744028560390675570627618373545459966200549616640279283196332026, 319516693693602451939925738770832547195167488538421484010981799971938667101170272, 235996689233669489969452603688581556879686306558426802897567227857894956933720385, 129860515531400644974201481565448922647210002409167735625695108262182647544782848, 434775250558913676954052533315009488640533958618010407554959841056206485055286800, 22149580084411886515787074680813749427656731151235741580693077660337965563693340, 250909616829332329061530688103059354065323867429954924090541815760594873142372389, 190341994069073757182537956898692121864681766192223013320579410693514741018663328, 498585070302128781878557564834342148816012866139626477296471773760922822044892275, 263835635996152386059834449296099627577713122650362830498873071118489986876211700, 225673582284037816919955555063840997388361787112308169031986640074367056949780747, 361331112554037421979550439774599874333938415297694314983681794489970792139813248, 
254546085100670719262378937737022676839283545191763458089424319101240909887973785, 253610597769560898884657084492335380622121458721155827380866680741694312733007816, 457274233985553849774588573500169926255994068617887370590713102886816853234873125, 449778455880514807591245873496025212715825137347886177910517238904962733456694256, 401484248501670039446475341305100595322092268787582033086127175618422362454931911, 22016053572627515851711195096973390151818785168234961407013202935121714403513020, 199223592692197859565380631569896354958045929491349287395617253114895842147327801]
KEY = 23226475334448992634882677537728533150528705952262010830460862502359965393545
enc = 2290064970177041546889165766737348623235283630135906565145883208626788551598431732
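
The solve script:

#!/usr/bin/env python3
from Crypto.Util.number import long_to_bytes

# Values copied from output.txt
KEY = 23226475334448992634882677537728533150528705952262010830460862502359965393545
enc = 2290064970177041546889165766737348623235283630135906565145883208626788551598431732

def decrypt_long(c, KEY):
    # XOR is its own inverse: (KEY ^ m) ^ KEY == m
    m = KEY ^ c
    return m

dec = decrypt_long(enc, KEY)
# Convert the recovered integer back to the original byte string
print(long_to_bytes(dec))
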
The encryption function defined in the script uses an XOR operation. Given that XOR is its own inverse, we can use the same function to decrypt the message.
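
The following added example (not part of the original writeup or the challenge files) uses the KEY and enc values from output.txt to show a side effect of XORing integers: a key shorter than the message leaves the leading message bytes unmasked in the ciphertext. The function names are illustrative, and the standard-library `int.to_bytes` stands in for `long_to_bytes`.

```python
# Added example. KEY and enc are copied from output.txt above;
# the function names are illustrative and not from the challenge.
KEY = 23226475334448992634882677537728533150528705952262010830460862502359965393545
enc = 2290064970177041546889165766737348623235283630135906565145883208626788551598431732


def to_bytes(n: int) -> bytes:
    """Big-endian bytes of a non-negative int (stdlib stand-in for long_to_bytes)."""
    return n.to_bytes(max(1, (n.bit_length() + 7) // 8), "big")


def xor_int(value: int, key: int) -> int:
    """Same operation as the challenge's encrypt(); it is also its own inverse."""
    return value ^ key


def roundtrip(msg: bytes, key: int) -> bytes:
    """Encrypt then decrypt with the same key; returns the original message."""
    c = xor_int(int.from_bytes(msg, "big"), key)
    return to_bytes(xor_int(c, key))


def unmasked_prefix(ciphertext: int, key: int) -> bytes:
    """Leading ciphertext bytes that the key never touched.

    Integer XOR aligns both operands at the least significant bit, so message
    bytes above the key's top byte are XORed with zero and pass through as-is.
    """
    ct = to_bytes(ciphertext)
    key_len = (key.bit_length() + 7) // 8
    return ct[: max(0, len(ct) - key_len)]


if __name__ == "__main__":
    sample = b"constructed sample message"  # constructed input, not the flag
    print(roundtrip(sample, KEY) == sample)
    print(len(to_bytes(enc)), "ciphertext bytes,", (KEY.bit_length() + 7) // 8, "key bytes")
    print(unmasked_prefix(enc, KEY))
```

With the page's values the ciphertext is 34 bytes and the key 32, so the first two bytes of the flag are readable in enc without the key.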

Decrypting the Message

To decrypt the message, we applied the decrypt_long function to the encrypted message (enc) using the provided key (KEY). This operation effectively reversed the XOR encryption, yielding the original message.

Output

Executing the script with the decryption logic correctly implemented, we obtained the decrypted message:

MAPNA{R_U_MT19937_PRNG_Predictor?}

Conclusion

This challenge demonstrated the simplicity and reversibility of XOR encryption when the key is known. It served as a reminder of the importance of secure key management in cryptography.