Skip to content
/ unxor Public

unXOR will search a XORed file and try to guess the key using known-plaintext attacks.

License

Notifications You must be signed in to change notification settings

tomchop/unxor

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

52 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Build Status Go Report Card

unXOR

This tool will search through an XOR-encoded file (binary, text-file, whatever) and use known-plaintext attacks to deduce the original keystream. Works on keys half as long as the known-plaintext, in linear complexity.

Here's a demo of the Golang binary decrypting a plaintext file XORed with 0xABCDEF (3 bytes) and where our known-plaintext is leggings.

demo

Usage (Golang)

This should work:

$ go get github.com/tomchop/unxor
$ $GOBIN/unxor -h
Usage of /Users/tomchop/code/go/bin/unxor:
-f string
        Filename to decrypt
-g string
        Known plaintext (string)
-gh string
        Known plaintext (hex encoded)

Usage (Docker)

You need to map $PWD (or the directory where your file is) to the /data volume in Docker so that the container knows where to find your files. The decrypted file will be written in the same directory.

$ docker pull tomchop/unxor
$ docker run --rm -v $PWD:/data tomchop/unxor -h
Usage of /go/bin/unxor:
-f string
        Filename to decrypt
-g string
        Known plaintext (string)
-gh string
        Known plaintext (hex encoded)

Usage (Python)

Python sources are contained in the pyunxor directory.

$ cd pyunxor
$ python unxor.py
usage: unxor.py [-h] (-g GUESS | -k KEY) [-m {iterative,selective}] [-x]
                [-v {0,1,2}]
                [infile] [outfile]
unxor.py: error: one of the arguments -g/--guess -k/--key is required

Related Work

unXOR is included in Lenny Zeltser's REMnux, along with other great tools such as:

About

unXOR will search a XORed file and try to guess the key using known-plaintext attacks.

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published