BUUCTF ???? 2021-5-19

??

?????????

??? ? wp ?????????? ??? Many-Time-Pad ????? many-time-pad-attack ?? ??? python2 ??????? ????? python2??????????? ?????????

#!/usr/bin/python
## OTP - Recovering the private key from a set of messages that were encrypted w/ the same private key (Many time pad attack) - crypto100-many_time_secret @ alexctf 2017
# Original code by jwomers: https://github.com/Jwomers/many-time-pad-attack/blob/master/attack.py)

import string
import collections
import sets, sys

# 11 unknown ciphertexts (in hex format), all encrpyted with the same key

c1='25030206463d3d393131555f7f1d061d4052111a19544e2e5d'
c2='0f020606150f203f307f5c0a7f24070747130e16545000035d'
c3='1203075429152a7020365c167f390f1013170b1006481e1314'
c4='0f4610170e1e2235787f7853372c0f065752111b15454e0e09'
c5='081543000e1e6f3f3a3348533a270d064a02111a1b5f4e0a18'
c6='0909075412132e247436425332281a1c561f04071d520f0b11'
c7='4116111b101e2170203011113a69001b475206011552050219'
c8='041006064612297020375453342c17545a01451811411a470e'
c9='021311114a5b0335207f7c167f22001b44520c15544801125d'
c10='06140611460c26243c7f5c167f3d015446010053005907145d'
c11='0f05110d160f263f3a7f4210372c03111313090415481d49'
ciphers = [c1, c2, c3, c4, c5, c6, c7, c8, c9, c10, c11]
# The target ciphertext we want to crack
#target_cipher = ?

# XORs two string
def strxor(a, b):     # xor two strings (trims the longer input)
    return "".join([chr(ord(x) ^ ord(y)) for (x, y) in zip(a, b)])

def target_fix(target_cipher):
    # To store the final key
    final_key = [None]*150
    # To store the positions we know are broken
    known_key_positions = set()

    # For each ciphertext
    for current_index, ciphertext in enumerate(ciphers):
        counter = collections.Counter()
        # for each other ciphertext
        for index, ciphertext2 in enumerate(ciphers):
            if current_index != index: # don't xor a ciphertext with itself
                for indexOfChar, char in enumerate(strxor(ciphertext.decode('hex'), ciphertext2.decode('hex'))): # Xor the two ciphertexts
                    # If a character in the xored result is a alphanumeric character, it means there was probably a space character in one of the plaintexts (we don't know which one)
                    if char in string.printable and char.isalpha(): counter[indexOfChar] += 1 # Increment the counter at this index
        knownSpaceIndexes = []

        # Loop through all positions where a space character was possible in the current_index cipher
        for ind, val in counter.items():
            # If a space was found at least 7 times at this index out of the 9 possible XORS, then the space character was likely from the current_index cipher!
            if val >= 7: knownSpaceIndexes.append(ind)
        #print knownSpaceIndexes # Shows all the positions where we now know the key!

        # Now Xor the current_index with spaces, and at the knownSpaceIndexes positions we get the key back!
        xor_with_spaces = strxor(ciphertext.decode('hex'),' '*150)
        for index in knownSpaceIndexes:
            # Store the key's value at the correct position
            final_key[index] = xor_with_spaces[index].encode('hex')
            # Record that we known the key at this position
            known_key_positions.add(index)

    # Construct a hex key from the currently known key, adding in '00' hex chars where we do not know (to make a complete hex string)
    final_key_hex = ''.join([val if val is not None else '00' for val in final_key])
    # Xor the currently known key with the target cipher
    output = strxor(target_cipher.decode('hex'),final_key_hex.decode('hex'))

    print "Fix this sentence:"
    print ''.join([char if index in known_key_positions else '*' for index, char in enumerate(output)])+"\n"

    # WAIT.. MANUAL STEP HERE 
    # This output are printing a * if that character is not known yet
    # fix the missing characters like this: "Let*M**k*ow if *o{*a" = "cure, Let Me know if you a"
    # if is too hard, change the target_cipher to another one and try again
    # and we have our key to fix the entire text!

    #sys.exit(0) #comment and continue if u got a good key

    target_plaintext = ""
    print "Fixed:"
    print target_plaintext+"\n"

    key = strxor(target_cipher.decode('hex'),target_plaintext)

    print "Decrypted msg:"
    for cipher in ciphers:
        print strxor(cipher.decode('hex'),key)

    print "\nPrivate key recovered: "+key+"\n"
    
for i in ciphers:
    target_fix(i)

??????????? target_plaintext ???? ??????? target_plaintext ??? ?? wp ?? target_plaintext ?? cure, Let Me know if you a ??nmd,????? ??????? ????????????

Fix this sentence:
Dear Frie*d**T*is tim* G*

Fixed:

Decrypted msg:

Private key recovered: 

Fix this sentence:
nderstood*m**m*stake *nj*

Fixed:

Decrypted msg:

Private key recovered: 

Fix this sentence:
sed One t*m**p*d encr*pz*

Fixed:

Decrypted msg:

Private key recovered: 

Fix this sentence:
n scheme,*I**e*rd tha* g*

Fixed:

Decrypted msg:

Private key recovered: 

Fix this sentence:
is the on*y**n*ryptio* c*

Fixed:

Decrypted msg:

Private key recovered: 

Fix this sentence:
hod that *s**a*hemati*ab*

Fixed:

Decrypted msg:

Private key recovered: 

Fix this sentence:
 proven t* ** *ot cra*kk*

Fixed:

Decrypted msg:

Private key recovered: 

Fix this sentence:
ever if t*e**e* is ke*t.*

Fixed:

Decrypted msg:

Private key recovered: 

Fix this sentence:
cure, Let*M**k*ow if *o{*

Fixed:

Decrypted msg:

Private key recovered: 

Fix this sentence:
gree with*m**t* use t*i}*

Fixed:

Decrypted msg:

Private key recovered: 

Fix this sentence:
ncryption*s**e*e alwa*s 

Fixed:

Decrypted msg:

Private key recovered:

????????????? ??????????Dear Frie*d**T*is tim* G* -> Dear Friend IT is time Go ?? plaintext ????

Fix this sentence:
Dear Frie*d**T*is tim* G*

Fixed:
Dear Friend IT is time Go

Decrypted msg:
Dear Friend IT is time Go
nderstood muIm!stake anjo
sed One timiIp)d encrypz&
n scheme, I,e)rd that g;
is the only,n+ryption c*
hod that is,a<hematicab#
 proven to n &ot crackk+
ever if the,e1 is kept.<
cure, Let MiIk&ow if yo{o
gree with miIt' use thi}o
ncryption soe%e always 

Private key recovered: afctf{OPT_16I&t3rest1ni2

Fix this sentence:
nderstood*m**m*stake *nj*

Fixed:
Dear Friend IT is time Go

Decrypted msg:
nderstood muIm!stake anjo
Dear Friend IT is time Go
Yd` \x&u'd<II(~'$qo?}>W&
D!wc;Wpc-n@y\(hcakd,pnJ;
Cr$t;W=io"pyW*h~1ke"jnN*
Bn` 'Z|r!'zyX=rb,~x$g/O#

qvo%Ws&u!);'usa|~,g%F+
Owars[{&u&ly\0:n2?g(t:<
ItveQcunD<IR'upavjm}!Vo
MsaesEtrind<IM&:r2z,9l'Po
Dbvy#Ftionz:\$' s{,}=

Private key recovered: Kggt5IRVU8*6p'n43z95 D2

Fix this sentence:
sed One t*m**p*d encr*pz*

Fixed:
Dear Friend IT is time Go

Decrypted msg:
sed One timiIp)d encrypz&
Yd` \x&u'd<II(~'$qo?}>W&
Dear Friend IT is time Go
Y v1Mz,='@eA 7enb~hpZr
^s%&M7&kpeJ"*5ncprp^c
_oar@v=1nzeE5e6({~v1_j
pw=Myieh)'/b'eyx~;Vb
Rv` OAqieoleA8-:6:azl$u
Tuw7C[,e'D IO/b$esl?e?F&
Pr`7O_~=y'd IP.-&6*kt9@&
Ycw+\~&'z&A,hs$v}~e#

Private key recovered: Vff&	SXEX866m/y`7yk->T{

Fix this sentence:
n scheme,*I**e*rd tha* g*

Fixed:
Dear Friend IT is time Go

Decrypted msg:
n scheme, I,e)rd that g;
D!wc;Wpc-n@y\(hcakd,pnJ;
Y v1Mz,='@eA 7enb~hpZr
Dear Friend IT is time Go
C62e F?c'"T D_"inpthc C~
B*v1<K~xi'^ LP5srmaueraBw

5`~>Fq,=!
bD/tc csmrkK
O3wchJy,=&H JT8;~s jiath
I0`tdSi=n`eZ/t` ig,ho[;
M7wthTvx!n@eE.;bse!xyi];
D&`h8Wvc'n^cIT,~7alvmhs

Private key recovered: K#qe.XP\s~x/o$rerx nIf

Fix this sentence:
is the on*y**n*ryptio* c*

Fixed:
Dear Friend IT is time Go

Decrypted msg:
is the only,n+ryption c*
Cr$t;W=io"pyW*h~1ke"jnN*
^s%&M7&kpeJ"*5ncprp^c
C62e F?c'"T D_"inpthc C~
Dear Friend IT is time Go
Ey%&<K3r+kn A[7so=atkhaFf

f3i>F<&m=bI-t~pcrchkOn
H`$thJ4&jx G_:;c# kg{t
y
Nc3cdc"PeQ-t}pif"ro_*
Jd$chT;rc"peN,;#e vciY*
Cu38W;ie"ncD_.~*1lwcrs

Private key recovered: Lp"r.XV_],sss-o9"esv:nMw

Fix this sentence:
hod that *s**a*hemati*ab*

Fixed:
Dear Friend IT is time Go

Decrypted msg:
hod that is,a<hematicab#
Bn` 'Z|r!'zyX=rb,~x$g/O#
_oar@v=1nzeE5e6({~v1_j
B*v1<K~xi'^ LP5srmaueraBw
Ey%&<K3r+kn A[7so=atkhaFf
Dear Friend IT is time Go
zw="K}=1h7bA:nbmvoee*Ng
I|` tGu=1or OP-!>5vav5p
Ow7x_x1'Ze^:nam|{$.^#
Kx`7tYzi-'zeA;!c>p=pn(X#
Biw+$Zzr+'dcLP9d6,yje2

Private key recovered: Mlf&2U\MX&s{|:u%?pnp7/L~

Fix this sentence:
 proven t* ** *ot cra*kk*

Fixed:
Dear Friend IT is time Go

Decrypted msg:
 proven to n &ot crackk+

qvo%Ws&u!);'usa|~,g%F+
pw=Myieh)'/b'eyx~;Vb

5`~>Fq,=!
bD/tc csmrkK

f3i>F<&m=bI-t~pcrchkOn
zw="K}=1h7bA:nbmvoee*Ng
Dear Friend IT is time Go
cvovJziei!bG7&ns7piv?x
`axzP,e!	' ip ~},$W+
gvxvTu=y!)'!&rsr;xn"Q+

vad&Wu&!7!D#c'a{lm8

Private key recovered: spi0XSE^u1s= r4rrhx7%Ev

Fix this sentence:
ever if t*e**e* is ke*t.*

Fixed:
Dear Friend IT is time Go

Decrypted msg:
ever if the,e1 is kept.<
Owars[{&u&ly\0:n2?g(t:<
Rv` OAqieoleA8-:6:azl$u
O3wchJy,=&H JT8;~s jiath
H`$thJ4&jx G_:;c# kg{t
y
I|` tGu=1or OP-!>5vav5p
cvovJziei!bG7&ns7piv?x
Dear Friend IT is time Go
Bfve,X,e&LeZ7&ms=d(l;<
Faae X}=y&leE6io 1"|}=<
Opvyp[}&&rcJT4,:28uil'I

Private key recovered: @ugtfT[EY0s}x7=)!1q|$:a

Fix this sentence:
cure, Let*M**k*ow if *o{*

Fixed:
Dear Friend IT is time Go

Decrypted msg:
cure, Let MiIk&ow if yo{o
ItveQcunD<IR'upavjm}!Vo
Tuw7C[,e'D IO/b$esl?e?F&
I0`tdSi=n`eZ/t` ig,ho[;
Nc3cdc"PeQ-t}pif"ro_*
Ow7x_x1'Ze^:nam|{$.^#
`axzP,e!	' ip ~},$W+
Bfve,X,e&LeZ7&ms=d(l;<
Dear Friend IT is time Go
@bvr,WxynD IK!&qsx/9t&Ao
Isan|WcnZ&Z#c$aqx,e<

Private key recovered: Fvpcjq\E66v r7rx|9-!U2

Fix this sentence:
gree with*m**t* use t*i}*

Fixed:
Dear Friend IT is time Go

Decrypted msg:
gree with miIt' use thi}o
MsaesEtrind<IM&:r2z,9l'Po
Pr`7O_~=y'd IP.-&6*kt9@&
M7wthTvx!n@eE.;bse!xyi];
Jd$chT;rc"peN,;#e vciY*
Kx`7tYzi-'zeA;!c>p=pn(X#
gvxvTu=y!)'!&rsr;xn"Q+
Faae X}=y&leE6io 1"|}=<
@bvr,WxynD IK!&qsx/9t&Ao
Dear Friend IT is time Go
MtvnpErrcnz&E",&2}>xt:

Private key recovered: BqgcfJTMY866i!=5!t:m<'S2

Fix this sentence:
ncryption*s**e*e alwa*s 

Fixed:
Dear Friend IT is time Go

Decrypted msg:
ncryption soe%e always 
Dbvy#Ftionz:\$' s{,}=
Ycw+\~&'z&A,hs$v}~e#
D&`h8Wvc'n^cIT,~7alvmhs
Cu38W;ie"ncD_.~*1lwcrs
Biw+$Zzr+'dcLP9d6,yje2

vad&Wu&!7!D#c'a{lm8
Opvyp[}&&rcJT4,:28uil'I
Isan|WcnZ&Z#c$aqx,e<
MtvnpErrcnz&E",&2}>xt:
Dear Friend IT is time G

Private key recovered: K`p6ITV_&0~x#x`3}mx-=

?????????????afctf{OPT_16I&t3rest1ni2 ????????? ???????????????

nderstood*m**m*stake *nj*
sed One t*m**p*d encr*pz*
n scheme,*I**e*rd tha* g*
is the on*y**n*ryptio* c*
hod that *s**a*hemati*ab*
proven t * ** *ot cra * kk *
ever if t*e**e* is ke*t.*
cure, Let*M**k*ow if *o{*
gree with*m**t* use t*i}*
ncryption * s ** e * e alwa * s

????????? flag?afctf{OPT_1s_Int3rest1ng} ??????????????? ?????????? ?????????

??

??????