# Introduction To CryptoHack - Writeup
This starter course gets you up and running with CryptoHack. You'll learn to encode and decode data types that are commonly used in cryptography. Then you'll get comfortable with the XOR operation which is at the centre of symmetric cryptography. Finally, the course ends with some fun XOR puzzles to test what you've learned.
In this writeup I shall cover my solutions to the problems that are available in this introductory course module.
## 1. Finding Flags
### Description
Each challenge is designed to help introduce you to a new piece of cryptography. Solving a challenge will require you to find a "flag".
These flags will usually be in the format `crypto{y0ur_f1rst_fl4g}`. The flag format helps you verify that you found the correct solution.
Try submitting this flag into the form below to solve your first challenge.
### Solution
`crypto{y0ur_f1rst_fl4g}`
## 2. Great Snakes
### Description
Modern cryptography involves code, and code involves coding. CryptoHack provides a good opportunity to sharpen your skills.
Of all modern programming languages, Python 3 stands out as ideal for quickly writing cryptographic scripts and attacks.
Run the attached Python script and it will output your flag.
Challenge files:
- [great_snakes.py](https://cryptohack.org/static/challenges/great_snakes_35381fca29d68d8f3f25c9fa0a9026fb.py)
Resources:
- [Downloading Python](https://wiki.python.org/moin/BeginnersGuide/Download)
### Solution
We are basically provided with a python script, that we are supposed to run to get the flag, reviewing the script we can see that it's basically a script to perform XOR (Exclusive OR Operation):
Thus running this the operation shall result to the plaintext flag:
`crypto{z3n_0f_pyth0n}`
## 3. ASCII
### Description
ASCII is a 7-bit encoding standard which allows the representation of text using the integers 0-127.
Using the below integer array, convert the numbers to their corresponding ASCII characters to obtain a flag.
```
[99, 114, 121, 112, 116, 111, 123, 65, 83, 67, 73, 73, 95, 112, 114, 49, 110, 116, 52, 98, 108, 51, 125]
```
In Python, the chr() function can be used to convert an ASCII ordinal number to a character (the ord() function does the opposite).
### Solution
By writing a python script, I am able to solve this as seen below:
`crypto{ASCII_pr1nt4bl3}`
## 4. Hex
### Description
When we encrypt something the resulting ciphertext commonly has bytes which are not printable ASCII characters. If we want to share our encrypted data, it's common to encode it into something more user-friendly and portable across different systems.
Hexadecimal can be used in such a way to represent ASCII strings. First each letter is converted to an ordinal number according to the ASCII table (as in the previous challenge). Then the decimal numbers are converted to base-16 numbers, otherwise known as hexadecimal. The numbers can be combined together, into one long hex string.
Included below is a flag encoded as a hex string. Decode this back into bytes to get the flag.
```
63727970746f7b596f755f77696c6c5f62655f776f726b696e675f776974685f6865785f737472696e67735f615f6c6f747d
```
In Python, the bytes.fromhex() function can be used to convert hex to bytes. The .hex() instance method can be called on byte strings to get the hex representation.
Resources:
- [ASCII table](https://www.rapidtables.com/code/text/ascii-table.html)
- [Wikipedia: Hexadecimal](https://en.wikipedia.org/wiki/Hexadecimal)
### Solution
#### Solution A
Using the utility **xxd** we can easily decode the hex to plaintext via shell/terminal with the command:
```shell
xxd -r -p <<< "63727970746f7b596f755f77696c6c5f62655f776f726b696e675f776974685f6865785f737472696e67735f615f6c6f747d"
```
#### Solution B
By writing the following python script we can easily decode the hex and get the plaintext readable string:
```python
hex_string = "63727970746f7b596f755f77696c6c5f62655f776f726b696e675f776974685f6865785f737472696e67735f615f6c6f747d"
hex_bytes = bytes.fromhex(hex_string)
print(hex_bytes.decode('ASCII'))
```
## 5. Base64
### Description
Another common encoding scheme is Base64, which allows us to represent binary data as an ASCII string using an alphabet of 64 characters. One character of a Base64 string encodes 6 binary digits (bits), and so 4 characters of Base64 encode three 8-bit bytes.
Base64 is most commonly used online, so binary data such as images can be easily included into HTML or CSS files.
Take the below hex string, decode it into bytes and then encode it into Base64.
```
72bca9b68fc16ac7beeb8f849dca1d8a783e8acf9679bf9269f7bf
```
In Python, after importing the base64 module with import base64, you can use the base64.b64encode() function. Remember to decode the hex first as the challenge description states.
### Solution
#### Solution A
Using the utility **base64** we can easily decode the hex then decode the base64 to get the readable output using the following command:
```shell
xxd -r -p <<< "72bca9b68fc16ac7beeb8f849dca1d8a783e8acf9679bf9269f7bf" | base64
```
#### Solution B
Writing the following python script we can easily achieve to get the required flag:
```python
import base64
hex_str = "72bca9b68fc16ac7beeb8f849dca1d8a783e8acf9679bf9269f7bf"
hex_byt = bytes.fromhex(hex_str)
print(base64.b64encode(hex_byt))
```
## 6. Bytes and Big Integers
### Description
Cryptosystems like RSA works on numbers, but messages are made up of characters. How should we convert our messages into numbers so that mathematical operations can be applied?
The most common way is to take the ordinal bytes of the message, convert them into hexadecimal, and concatenate. This can be interpreted as a base-16/hexadecimal number, and also represented in base-10/decimal.
To illustrate:
```
message: HELLO
ascii bytes: [72, 69, 76, 76, 79]
hex bytes: [0x48, 0x45, 0x4c, 0x4c, 0x4f]
base-16: 0x48454c4c4f
base-10: 310400273487
```
Python's PyCryptodome library implements this with the methods bytes_to_long() and long_to_bytes(). You will first have to install PyCryptodome and import it with from Crypto.Util.number import *. For more details check the FAQ.
Convert the following integer back into a message:
```
11515195063862318899931685488813747395775516287289682636499965282714637259206269
```
### Solution
First we need to install **pycryptodome** using the command `pip3 install pycryptodome` then we write the following python script to convert the integer back to a plaintext message:
```python
from Crypto.Util.number import *
a = 11515195063862318899931685488813747395775516287289682636499965282714637259206269
print(long_to_bytes(a).decode('ASCII'))
```
which eventually should provide us with the plaintext message after running it:
`crypto{3nc0d1n6_4ll_7h3_w4y_d0wn}`
## 7. XOR Starter
### Description
XOR is a bitwise operator which returns 0 if the bits are the same, and 1 otherwise. In textbooks the XOR operator is denoted by ⊕, but in most challenges and programming languages you will see the caret `^` used instead.
| A | B | Output |
|----------|----------|----------|
| 0 | 0 | 0 |
| 0 | 1 | 1 |
| 1 | 0 | 1 |
| 1 | 1 | 0 |
For longer binary numbers we XOR bit by bit: 0110 ^ 1010 = 1100. We can XOR integers by first converting the integer from decimal to binary. We can XOR strings by first converting each character to the integer representing the Unicode character.
For longer binary numbers we XOR bit by bit: 0110 ^ 1010 = 1100. We can XOR integers by first converting the integer from decimal to binary. We can XOR strings by first converting each character to the integer representing the Unicode character.
Given the string label, XOR each character with the integer 13. Convert these integers back to a string and submit the flag as crypto{new_string}.
The Python pwntools library has a convenient xor() function that can XOR together data of different types and lengths. But first, you may want to implement your own function to solve this.
### Solution
We write a python script that will perform XOR operation on each byte of the word `label` and provide the output:
```python
secret = b"label"
print("".join(chr(ct ^ 13) for ct in secret))
```
Running this we should be able to get the required output:
`crypto{aloha}`
## 8. XOR Properties
### Description
In the last challenge, you saw how XOR worked at the level of bits. In this one, we're going to cover the properties of the XOR operation and then use them to undo a chain of operations that have encrypted a flag. Gaining an intuition for how this works will help greatly when you come to attacking real cryptosystems later, especially in the block ciphers category.
There are four main properties we should consider when we solve challenges using the XOR operator
```
Commutative: A ⊕ B = B ⊕ A
Associative: A ⊕ (B ⊕ C) = (A ⊕ B) ⊕ C
Identity: A ⊕ 0 = A
Self-Inverse: A ⊕ A = 0
```
Let's break this down. Commutative means that the order of the XOR operations is not important. Associative means that a chain of operations can be carried out without order (we do not need to worry about brackets). The identity is 0, so XOR with 0 "does nothing", and lastly something XOR'd with itself returns zero.
Let's put this into practice! Below is a series of outputs where three random keys have been XOR'd together and with the flag. Use the above properties to undo the encryption in the final line to obtain the flag.
```
KEY1 = a6c8b6733c9b22de7bc0253266a3867df55acde8635e19c73313
KEY2 ^ KEY1 = 37dcb292030faa90d07eec17e3b1c6d8daf94c35d4c9191a5e1e
KEY2 ^ KEY3 = c1545756687e7573db23aa1c3452a098b71a7fbf0fddddde5fc1
FLAG ^ KEY1 ^ KEY3 ^ KEY2 = 04ee9855208a2cd59091d04767ae47963170d1660df7f56f5faf
```
Before you XOR these objects, be sure to decode from hex to bytes.
### Solution
To simply solve this I first install pwntools using the command `pip3 install pwntools` then I write the below script:
```python
from pwn import xor
key_1 = bytes.fromhex("a6c8b6733c9b22de7bc0253266a3867df55acde8635e19c73313")
key_2_key_1 = bytes.fromhex("37dcb292030faa90d07eec17e3b1c6d8daf94c35d4c9191a5e1e")
key_2_key_3 = bytes.fromhex("c1545756687e7573db23aa1c3452a098b71a7fbf0fddddde5fc1")
flag_key_1_key_3_key2 = bytes.fromhex("04ee9855208a2cd59091d04767ae47963170d1660df7f56f5faf")
flag = xor(key_1, key_2_key_3, flag_key_1_key_3_key2)
print(flag)
```
Running it should provide the flag:
`crypto{x0r_i5_ass0c1at1v3}`
## 9. Favourite Byte
### Description
For the next few challenges, you'll use what you've just learned to solve some more XOR puzzles.
I've hidden some data using XOR with a single byte, but that byte is a secret. Don't forget to decode from hex first.
```
73626960647f6b206821204f21254f7d694f7624662065622127234f726927756d
```
### Solution
Using the following script with `pwntools` I am able to get the flag required,
```python
from pwn import xor
ct = bytes.fromhex("73626960647f6b206821204f21254f7d694f7624662065622127234f726927756d")
for key in range(256):
try:
pt = xor(ct, key).decode()
if 'crypto' in pt:
print(f"key: {key} - flag: {pt}")
except UnicodeDecodeError:
pass
```
The flag is:
`crypto{0x10_15_my_f4v0ur173_by7e}`
## 10. You either know, XOR you don't
### Description
I've encrypted the flag with my secret key, you'll never be able to guess it.
Remember the flag format and how it might help you in this challenge!
```
0e0b213f26041e480b26217f27342e175d0e070a3c5b103e2526217f27342e175d0e077e263451150104
```
### Solution
Using cyberchef, I was able to get the plaintext flag;
When using the key `crypto{` we get the output which contains the string `myXORkey` using this as the key we get the flag:
`crypto{1f_y0u_Kn0w_En0uGH_y0u_Kn0w_1t_4ll}`
And that's it! That's the whole Introduction to CryptoHack course problems that we just solved!
<div style="width:100%;height:0;padding-bottom:75%;position:relative;"><iframe src="https://giphy.com/embed/26tPplGWjN0xLybiU" width="100%" height="100%" style="position:absolute" frameBorder="0" class="giphy-embed" allowFullScreen></iframe></div>
Google Drive
Gist
Clipboard
Sign in via Facebook
Sign in via X(Twitter)
Sign in via GitHub
Sign in via Dropbox
Sign in with Wallet
