Intro:
Welcome! Today, we’re diving into the world of XOR properties with a practical example from CryptoHack. If you haven’t attempted the challenge yet, head over to CryptoHack Challenge: XOR Properties and give it a shot. Come back here for a helpful guide as you work your way through to find the flag.
Challenge Overview:
In this challenge, we’re presented with a series of XOR operations involving keys and a flag. The goal is to figure out the unknown keys and ultimately unveil the hidden flag.
First Let’s Review The XOR Properties:
XOR Properties Recap:
Commutative: A ⊕ B = B ⊕ A
Associative: A ⊕ (B ⊕ C) = (A ⊕ B) ⊕ C
Identity: A ⊕ 0 = A
Self-Inverse: A ⊕ A = 0
Let’s simplify these properties. Understanding how this works makes finding the answer much easier. Note that ⊕ is the symbol for XOR. If you’re not familiar with XOR, check out this short video for a quick explanation: XOR Explanation Video.
Commutative:
Property: A ⊕ B = B ⊕ A
Explanation: The order in which you XOR two values does not matter. Whether you XOR A with B or B with A, the result will be the same.
Associative:
Property: A ⊕ (B ⊕ C) = (A ⊕ B) ⊕ C
Explanation: This means that it doesn’t matter how you group the XOR operations; the result will be the same. You can either XOR A with the result of (B ⊕ C), or you can XOR (A ⊕ B) with C, and the outcome will be identical.
Identity:
Property: A ⊕ 0 = A
Explanation: XORing any value with 0 will result in the original value. In other words, 0 acts as the identity element for XOR.
Self-Inverse:
Property: A ⊕ A = 0
Explanation: XORing a value with itself will always result in 0. Each bit in A cancels out with the corresponding bit in A when XORed, leaving you with a result of 0.
Back to CryptoHack:
Now that we’ve gained a better grasp of XOR properties, let’s dive into the challenge involving keys and flags. Here’s a step-by-step guide to unraveling the flag:
What Is Given and Known:
- KEY1: a6c8b6733c9b22de7bc0253266a3867df55acde8635e19c73313
KEY2 ⊕ KEY1: 37dcb292030faa90d07eec17e3b1c6d8daf94c35d4c9191a5e1e
KEY2 ⊕ KEY3: c1545756687e7573db23aa1c3452a098b71a7fbf0fddddde5fc1
FLAG ⊕ KEY1 ⊕ KEY3 ⊕ KEY2: 04ee9855208a2cd59091d04767ae47963170d1660df7f56f5faf
The Unknowns:
- KEY2
- KEY3
- KEY4 (which is essentially KEY1 ⊕ KEY3 ⊕ KEY2)
- FLAG
Game Plan:
To find the answer, let’s go through the list of what we already know and use that information to figure out what we don’t know. Once we obtain KEY4, we can use it to discover the flag.
Step 1: Find KEY2
We know what KEY1 is and we know the XOR result of KEY2 ⊕ KEY1. By using a tool like CyberChef, we can XOR KEY1 with KEY2 ⊕ KEY1 to find KEY2.
CyberChef Recipe:
- From Hex
- XOR Hex
- To Hex
After XOR KEY1 with KEY2 ⊕ KEY1. The result gives us KEY2
KEY2=911404e13f94884eabbec925851240a52fa381ddb79719dd6d0d.
You can verify the accuracy of this value and ensure we are on the correct path by performing the XOR operation on KEY2 and KEY1. This should yield the output value for KEY2 ⊕ KEY1 that was initially provided at the beginning of the challenge.
Step 2: Find KEY3
Now that we have KEY2, we can repeat the process to find KEY3. Using KEY2 and the given XOR result of KEY2 ⊕ KEY3, we find:
KEY3 = 504053b757eafd3d709d6339b140e03d98b9fe62b84ac40332cc
Step 3: Find KEY4
KEY4 can be defined as KEY1 ⊕ KEY3 ⊕ KEY2, and will be needed to find FLAG. Luckily values for both KEY1 and KEY3 ⊕ KEY2 were given to us. So we can XOR them against each other to find KEY4:
KEY4 = 679ce12554e557ada0e38f2e52f126e54240b2576c83c4196cd2
Step 4: Find the Flag
Remember we know FLAG ⊕ KEY1 ⊕ KEY3 ⊕ KEY2 = 04ee9855208a2cd59091d04767ae47963170d1660df7f56f5faf
and we know KEY4 can be defined as KEY1 ⊕ KEY3 ⊕ KEY2.
So we can rewrite FLAG ⊕ KEY1 ⊕ KEY3 ⊕ KEY2 as FLAG ⊕ KEY4.
FLAG ⊕ KEY4 = 04ee9855208a2cd59091d04767ae47963170d1660df7f56f5faf
Let’s XOR this against KEY4 to find and capture our FLAG!
FLAG= 63727970746f7b7830725f69355f61737330633161743176337d
Convert FLAG to Readable Text
You can remove the “XOR Hex” and “To Hex” from your CyberChef recipe. Post FLAG in the input and your Output should be your FLAG in readable text.
Wrapping Up The WriteUp:
To sum it up, I took a different route in solving the CryptoHack Challenge. Instead of using code, I visually walked through XOR properties, making it simpler to grasp. By breaking down each step, we found the keys and uncovered the flag.
This might not be the usual automated method, but it’s a hands-on way to understand XOR, especially for those finding it a bit tricky. Beyond just finding the flag, it’s about making cryptographic concepts more understandable and embracing different ways to solve problems.