level3

pwncollege · Sep 26, 2024 · 2916b15 · 2916b15
1 parent fb59d0e
commit 2916b15
Show file tree

Hide file tree

Showing 4 changed files with 25 additions and 4 deletions.
diff --git a/cryptography/level-3/.config b/cryptography/level-3/.config
diff --git a/cryptography/level-3/DESCRIPTION.md b/cryptography/level-3/DESCRIPTION.md
@@ -0,0 +1,8 @@
+The previous challenge gave you the one time pad to decrypt the ciphertext.
+If you did not know the one time pad, and it was only ever used for one message, the previous challenge would be unsolvable!
+In this level, we'll explore what happens if the latter condition is violated.
+You don't get the key this time, but we'll let you encrypt as many messages as you want.
+Can you decrypt the flag?
+
+----
+**Hint:** understand deeply about how XOR works, and consider that it is a distributative, commutative, and associative operation...
diff --git a/cryptography/level-3/run b/cryptography/level-3/run
diff --git a/cryptography/level-3/run b/cryptography/level-3/run
@@ -0,0 +1,16 @@
+#!/opt/pwn.college/python
+
+import base64
+from Crypto.Random import get_random_bytes
+from Crypto.Util.strxor import strxor
+
+flag = open("/flag", "rb").read()
+
+key = get_random_bytes(256)
+ciphertext = strxor(flag, key[:len(flag)])
+print(f"secret ciphertext: {base64.b64encode(ciphertext).decode()}")
+
+while True:
+    plaintext = base64.b64decode(input("plaintext (b64): "))
+    ciphertext = strxor(plaintext, key[:len(plaintext)])
+    print(f"ciphertext: {base64.b64encode(ciphertext).decode()}")
diff --git a/cryptography/module.yml b/cryptography/module.yml
@@ -6,8 +6,7 @@ challenges:
 - id: level-2
   name: One Time Pad
 - id: level-3
-  name: level3
-  description: Decrypt a secret encrypted with a one-time pad, where the key is reused for arbitrary data
+  name: Many Time Pad
 - id: level-4
   name: level4
   description: Decrypt a secret encrypted with AES using the ECB mode of operation