🔐 CryptoHack - Introduction to CryptoHack

Finding Flags#

Each challenge is designed to help introduce you to a new piece of cryptography. Solving a challenge will require you to find a “flag”. These flags will usually be in the format crypto{y0ur_f1rst_fl4g}. The flag format helps you verify that you found the correct solution. Try submitting this flag into the form below to solve your first challenge.

Finding Flags

FLAG
The flag is straightforward. Just submit it to complete the challenge! Flag: crypto{y0ur_f1rst_fl4g}

Great Snakes#

Modern cryptography involves code, and code involves coding. CryptoHack provides a good opportunity to sharpen your skills. Of all modern programming languages, Python 3 stands out as ideal for quickly writing cryptographic scripts and attacks. For more information about why we think Python is so great for this, please see the FAQ. Run the attached Python script and it will output your flag.

Challenge files:

great_snakes.py

Resources:

Downloading Python

Great Snakes

great_snakes.py :

1
#!/usr/bin/env python3
2
import sys
3
# import this
4

5
if sys.version_info.major == 2:
6
  print("You are running Python 2, which is no longer supported. Please update to Python 3.")
7

8
ords = [81, 64, 75, 66, 70, 93, 73, 72, 1, 92, 109, 2, 84, 109, 66, 75, 70, 90, 2, 92, 79]
9

10
print("Here is your flag:")
11
print("".join(chr(o ^ 0x32) for o in ords))

This Python script deciphers an encoded message by XORing a list of numerical values with 0x32 (decimal 50) and then converting the result into a readable string.

TIP
For more details on XOR operations, check out this resource: Basics of XORing

FLAG
By running this script, we get the flag. 🎯 Flag: crypto{z3n_0f_pyth0n}

ASCII#

ASCII is a 7-bit encoding standard which allows the representation of text using the integers 0-127. Using the below integer array, convert the numbers to their corresponding ASCII characters to obtain a flag.

In Python, the chr() function can be used to convert an ASCII ordinal number to a character (the ord() function does the opposite).

[99, 114, 121, 112, 116, 111, 123, 65, 83, 67, 73, 73, 95, 112, 114, 49, 110, 116, 52, 98, 108, 51, 125]

ASCII

This challenge involves using the chr() function in Python to convert the given decimal numbers into their corresponding ASCII characters and construct the flag.

TIP
For more details on ASCII, check out this resource: ASCII
For more details on chr() function in Python, check out this resource: For more details check the FAQ

Solution :

1
ascii_values = [99, 114, 121, 112, 116, 111, 123, 65, 83, 67, 73, 73, 95, 112, 114, 49, 110, 116, 52, 98, 108, 51, 125]
2
flag = ''.join(chr(i) for i in ascii_values)
3
print(flag)

FLAG
By running this script, we get the flag. 🎯 Flag: crypto{ASCII_pr1nt4bl3}

Hex#

When we encrypt something the resulting ciphertext commonly has bytes which are not printable ASCII characters. If we want to share our encrypted data, it’s common to encode it into something more user-friendly and portable across different systems.

Hexadecimal can be used in such a way to represent ASCII strings. First each letter is converted to an ordinal number according to the ASCII table (as in the previous challenge). Then the decimal numbers are converted to base-16 numbers, otherwise known as hexadecimal. The numbers can be combined together, into one long hex string.

Included below is a flag encoded as a hex string. Decode this back into bytes to get the flag.

1
63727970746f7b596f755f77696c6c5f62655f776f726b696e675f776974685f6865785f737472696e67735f615f6c6f747d

NOTE
In Python, the bytes.fromhex() function can be used to convert hex to bytes. The .hex() instance method can be called on byte strings to get the hex representation. For more details check the FAQ

Resources:

HEX

Solution : The hexadecimal string can be converted to bytes using Python’s bytes.fromhex() method, then decoded to a readable string using .decode().

1
hex_value = '63727970746f7b596f755f77696c6c5f62655f776f726b696e675f776974685f6865785f737472696e67735f615f6c6f747d'
2
flag = bytes.fromhex(hex_value).decode()
3
print(flag)

FLAG
By running this script, we get the flag. 🎯 Flag: crypto{You_will_be_working_with_hex_strings_a_lot}

Base64#

Another common encoding scheme is Base64, which allows us to represent binary data as an ASCII string using an alphabet of 64 characters. One character of a Base64 string encodes 6 binary digits (bits), and so 4 characters of Base64 encode three 8-bit bytes.

Base64 is most commonly used online, so binary data such as images can be easily included into HTML or CSS files.

Take the below hex string, decode it into bytes and then encode it into Base64.

1
72bca9b68fc16ac7beeb8f849dca1d8a783e8acf9679bf9269f7bf

NOTE
In Python, after importing the base64 module with import base64, you can use the base64.b64encode() function. Remember to decode the hex first as the challenge description states. For more details check the FAQ

Base64

Solution : We use Python’s base64 module to decode the string.

1
import base64
2

3
base64_value = '72bca9b68fc16ac7beeb8f849dca1d8a783e8acf9679bf9269f7bf'
4

5
# Convert hex to bytes
6
flag = bytes.fromhex(base64_value)
7

8
# Encode bytes to standard Base64
9
flag = base64.b64encode(flag).decode()  # Decode for readability
10
print(flag)

FLAG
By running this script, we get the flag. 🎯 Flag: crypto/Base+64+Encoding+is+Web+Safe/

Bytes and Big Integers#

Cryptosystems like RSA works on numbers, but messages are made up of characters. How should we convert our messages into numbers so that mathematical operations can be applied

The most common way is to take the ordinal bytes of the message, convert them into hexadecimal, and concatenate. This can be interpreted as a base-16/hexadecimal number, and also represented in base-10/decimal.

To illustrate:

1
message: HELLO
2
ascii bytes: [72, 69, 76, 76, 79]
3
hex bytes: [0x48, 0x45, 0x4c, 0x4c, 0x4f]
4
base-16: 0x48454c4c4f
5
base-10: 310400273487

NOTE
Python’s PyCryptodome library implements this with the methods bytes_to_long() and long_to_bytes(). You will first have to install PyCryptodome and import it with from Crypto.Util.number import *. For more details check the FAQ.

Convert the following integer back into a message:

1
11515195063862318899931685488813747395775516287289682636499965282714637259206269

Bytes and Big Integers

Solution :

1
from Crypto.Util.number import *
2

3
message = 11515195063862318899931685488813747395775516287289682636499965282714637259206269
4

5
flag = long_to_bytes(message) # Converts the large integer into its original byte representation.
6
print(flag.decode())  # decode

FLAG
By running this script, we get the flag. 🎯 Flag: crypto{3nc0d1n6_4ll_7h3_w4y_d0wn}

XOR Starter#

XOR is a bitwise operator which returns 0 if the bits are the same, and 1 otherwise. In textbooks the XOR operator is denoted by ⊕, but in most challenges and programming languages you will see the caret ^ used instead.

A	B	Output
0	0	0
0	1	1
1	0	1
1	1	0

For longer binary numbers we XOR bit by bit: 0110 ^ 1010 = 1100. We can XOR integers by first converting the integer from decimal to binary. We can XOR strings by first converting each character to the integer representing the Unicode character.

Given the string label, XOR each character with the integer 13. Convert these integers back to a string and submit the flag as crypto{new_string}.

TIP
The Python pwntools library has a convenient xor() function that can XOR together data of different types and lengths. But first, you may want to implement your own function to solve this

XOR Starter

Solution :

1
from pwn import *
2

3
# Given string
4
given_string = "label"
5

6
# XOR each character with 13 using pwn's xor function
7
xor_result = xor(given_string, 13)
8

9
# Format the flag
10
flag = f"crypto{{{xor_result.decode()}}}"
11
print(flag)

FLAG
We XOR each character with 13 using pwn’s xor function. By running this script, we get the flag. 🎯 Flag: crypto{aloha}

XOR Properties#

In the last challenge, you saw how XOR worked at the level of bits. In this one, we’re going to cover the properties of the XOR operation and then use them to undo a chain of operations that have encrypted a flag. Gaining an intuition for how this works will help greatly when you come to attacking real cryptosystems later, especially in the block ciphers category.

There are four main properties we should consider when we solve challenges using the XOR operator

1
Commutative: A ⊕ B = B ⊕ A
2
Associative: A ⊕ (B ⊕ C) = (A ⊕ B) ⊕ C
3
Identity: A ⊕ 0 = A
4
Self-Inverse: A ⊕ A = 0

Let’s break this down. Commutative means that the order of the XOR operations is not important. Associative means that a chain of operations can be carried out without order (we do not need to worry about brackets). The identity is 0, so XOR with 0 “does nothing”, and lastly something XOR’d with itself returns zero.

Let’s put this into practice! Below is a series of outputs where three random keys have been XOR’d together and with the flag. Use the above properties to undo the encryption in the final line to obtain the flag.

1
KEY1 = a6c8b6733c9b22de7bc0253266a3867df55acde8635e19c73313
2
KEY2 ^ KEY1 = 37dcb292030faa90d07eec17e3b1c6d8daf94c35d4c9191a5e1e
3
KEY2 ^ KEY3 = c1545756687e7573db23aa1c3452a098b71a7fbf0fddddde5fc1
4
FLAG ^ KEY1 ^ KEY3 ^ KEY2 = 04ee9855208a2cd59091d04767ae47963170d1660df7f56f5faf

TIP
Before you XOR these objects, be sure to decode from hex to bytes.

XOR Properties

Solution :

1
from pwn import *
2

3
# Given values
4
KEY1 = "a6c8b6733c9b22de7bc0253266a3867df55acde8635e19c73313"
5
KEY2_XOR_KEY1 = "37dcb292030faa90d07eec17e3b1c6d8daf94c35d4c9191a5e1e"
6
KEY2_XOR_KEY3 = "c1545756687e7573db23aa1c3452a098b71a7fbf0fddddde5fc1"
7
FLAG_XOR_ALL = "04ee9855208a2cd59091d04767ae47963170d1660df7f56f5faf"
8

9
# Let's decode them from hex to bytes first.
10
KEY1 = bytes.fromhex(KEY1)
11
KEY2_XOR_KEY1 = bytes.fromhex(KEY2_XOR_KEY1)
12
KEY2_XOR_KEY3 = bytes.fromhex(KEY2_XOR_KEY3)
13
FLAG_XOR_ALL = bytes.fromhex(FLAG_XOR_ALL)
14

15
# We first derive KEY2 using KEY2 = (KEY2 ^ KEY1) ^ KEY1 since x ^ x = 0
16
KEY2 = xor(KEY2_XOR_KEY1, KEY1)
17

18
# Then we derive key 3
19
KEY3 = xor(KEY2_XOR_KEY3, KEY2)
20

21
# Flag
22
FLAG = xor(FLAG_XOR_ALL, xor(KEY1, xor(KEY2, KEY3)))
23

24
flag = FLAG.decode()
25
print(flag)

FLAG
Using the associative property of XOR, we successfully combined the keys to extract the flag. Running this script reveals the flag: 🎯 Flag: crypto{x0r_i5_ass0c1at1v3}.

Favorite Byte#

For the next few challenges, you’ll use what you’ve just learned to solve some more XOR puzzles. I’ve hidden some data using XOR with a single byte, but that byte is a secret. Don’t forget to decode from hex first.

1
73626960647f6b206821204f21254f7d694f7624662065622127234f726927756d

Favorite Byte

Solution :

1
from pwn import *
2

3
# Given hex-encoded data (XOR-encrypted with a single unknown byte)
4
data = bytes.fromhex("73626960647f6b206821204f21254f7d694f7624662065622127234f726927756d")
5

6
# Brute-force the single-byte key by trying all possible values (0-255)
7
for key in range(256):
8
    decrypted = xor(data, key)  # XOR the data with the key candidate
9

10
    # Check if the decrypted text starts with "crypto" (expected flag format)
11
    if decrypted.decode().startswith("crypto"):
12
        print(f"Key: {key}, Flag: {decrypted.decode()}")  # Print the key and extracted flag
13
        break  # Stop once the correct key is found

FLAG
Using brute-force, we successfully identified the single-byte key and decrypted the message to reveal the flag. Running this script reveals the flag: 🎯 Flag: crypto{0x10_15_my_f4v0ur173_by7e}.

You either know, XOR you don’t#

I’ve encrypted the flag with my secret key, you’ll never be able to guess it.

TIP
Remember the flag format and how it might help you in this challenge!

1
0e0b213f26041e480b26217f27342e175d0e070a3c5b103e2526217f27342e175d0e077e263451150104

You either know, XOR you don't

Solution :

1
from pwn import *
2

3
# Given encrypted flag in hex format
4
flag_hex = "0e0b213f26041e480b26217f27342e175d0e070a3c5b103e2526217f27342e175d0e077e263451150104"
5

6
# Convert hex-encoded flag to bytes
7
flag_bytes = bytes.fromhex(flag_hex)
8

9
# Since we know the flag format starts with "crypto{", we use it to determine the XOR key
10
partial_key = xor(flag_bytes[:7], b"crypto{")  # Extract part of the key using known plaintext
11
# Output: b'myXORke+y' (partial key discovered)
12

13
# Observing the pattern, I guessed the key is "myXORkey"
14
key = b"myXORkey"
15

16
# Decrypt the flag by XORing with the derived key
17
decrypted_flag = xor(flag_bytes, key)
18

19
# Print the decrypted flag
20
print(decrypted_flag.decode())

FLAG
This demonstrates how XOR encryption can be broken when partial plaintext is known. Running this script reveals the flag: 🎯 Flag: crypto{1f_y0u_Kn0w_En0uGH_y0u_Kn0w_1t_4ll}.

Conclusion#

This walkthrough covered encoding (Hex, Base64) and basic XOR operations, essential for cryptographic challenges. Understanding these fundamentals helps in tackling more advanced cryptography problems. 🚀

Finished