# CH02 - 500pts ## Briefing > Below are 4 messages, 2 of them are insecure... find the flag! `2e310d15730618003c27392502592f1b016e1b1c364505191302` `27271e1d6f3935381618340a740404152d0063160106490a0a050d013d2e` `313c0d45350d0c026f3d236b361120191e373c1c3a080e0c2b04` `1b060c2749020b354105271616532f27772f1c204811111745320b10021717` ## Solution 1. First, we guess that the cipher being used is a [one-time pad](https://en.wikipedia.org/wiki/One-time_pad) since two of the hexadecimal strings are the same length. 2. So we have cipher text one `2e310d15730618003c27392502592f1b016e1b1c364505191302` and cipher text two `313c0d45350d0c026f3d236b361120191e373c1c3a080e0c2b04` that were both encrypted using the same one-time pad key. If the key for a one-time pad is used twice, it can be broken using [crib dragging](https://samwho.dev/blog/toying-with-cryptography-crib-dragging/). 3. Basically, XORing the cipher texts gives you the same result as XORing the original messages. The math works out as follows (from [this crib dragging article](https://samwho.dev/blog/toying-with-cryptography-crib-dragging/)): ``` cipher1 = msg1 ^ key cipher2 = msg2 ^ key cipher1 ^ cipher2 = (msg1 ^ key) ^ (msg2 ^ key) cipher1 ^ cipher2 = msg1 ^ msg2 ^ key ^ key cipher1 ^ cipher2 = msg1 ^ msg2 ^ 0 cipher1 ^ cipher2 = msg1 ^ msg2 ``` This is useful because XORing the two cipher texts removes the key from the problem. 4. We can XOR the two cipher texts using \[CyberChef (click for recipe)]\() to get `1f0d0050460b1402531a1a4e34480f021f5927000c4d0b153806`. This hexadecimal string is equal to the two messages XORed together. Therefore, we can start guessing parts of a message to decode both cipher texts and get the flag. [SpiderLabs/cribdrag](https://github.com/SpiderLabs/cribdrag) makes this easy. 5. `python2 cribdrag.py 1f0d0050460b1402531a1a4e34480f021f5927000c4d0b153806`: ``` Your message is currently: 0 __________________________ Your key is currently: 0 __________________________ Please enter your crib: flag *** 0: "yaa7" *** 1: "kl1!" 2: "f<'l" 3: "6*js" *** 4: " gue" *** 5: "mxc4" 6: "rn2}" 7: "d?{}" 8: "5v{)" 9: "|v/S" 10: "|"U/" 11: "(X)h" 12: "R$ne" *** 13: ".ccx" 14: "in~>" 15: "ds8@" *** 16: "y5Fg" *** 17: "?Kak" 18: "Alm*" 19: "f`,l" *** 20: "j!jr" 21: "+gt_" *** 22: "myYa" Enter the correct position, 'none' for no match, or 'end' to quit: 4 Is this crib part of the message or key? Please enter 'message' or 'key': message Your message is currently: 0 ____flag__________________ Your key is currently: 0 ____ gue__________________ Please enter your crib: the *** 0: "keep" *** 1: "yh5f" 2: "t8#+" 3: "$.n4" *** 4: "2cq"" 5: "|gs" 6: "`j6:" 7: "v;:" 8: "'rn" 9: "nr+" 10: "n&Qh" 11: ":\-/" 12: "@ j"" 13: "+" 20: ",$x5" 21: "mbf" 22: "+|K&" Enter the correct position, 'none' for no match, or 'end' to quit: 8 Is this crib part of the message or key? Please enter 'message' or 'key': message Your message is currently: 0 the flag is ______________ Your key is currently: 0 keep guessin______________ Please enter your crib: g for 0: "x-f?4" 1: "j 6)y" *** 2: "gp df" 3: "7fm{p" 4: "!+rm!" 5: "l4dfc?" 18: "@ j"y" 19: "g,+dg" *** 20: "kmmzJ" 21: "*+sWt" Enter the correct position, 'none' for no match, or 'end' to quit: 12 Is this crib part of the message or key? Please enter 'message' or 'key': key Your message is currently: 0 the flag is Shimm_________ Your key is currently: 0 keep guessing for_________ Please enter your crib: the flag *** 0: "keep gue" *** 1: "yh5fmxc4" 2: "t8#+rn2}" 3: "$.n4d?{}" 4: "2cq"5v{)" 5: "|gs|v/S" 6: "`j6:|"U/" 7: "v;:(X)h" 8: "'rnR$ne" 9: "nr+.ccx" 10: "n&Qhin~>" 11: ":\-/ds8@" 12: "@ j"y5Fg" 13: "" 7: "d ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.