So, it will read the flag from the file flag and the key from the file key. It will then grab the first len(flag) bytes of key.
Note this line:
result = list(map(lambda p, k: "{:02x}".format(ord(p) ^ k), flag, key))
is actually just an XOR operation that returns the result as a hex string. As such, it seems to use the bytes of key as a one-time-pad, XORing it with the flag and returning us the result.
Now let's move on to encrypt():
def encrypt(key_location):
ui = input("What data would you like to encrypt? ").rstrip()
if len(ui) == 0 or len(ui) > KEY_LEN:
return -1
start = key_location
stop = key_location + len(ui)
kf = open(KEY_FILE, "rb").read()
if stop >= KEY_LEN:
stop = stop % KEY_LEN
key = kf[start:] + kf[:stop]
else:
key = kf[start:stop]
key_location = stop
result = list(map(lambda p, k: "{:02x}".format(ord(p) ^ k), ui, key))
print("Here ya go!\n{}\n".format("".join(result)))
return key_location
encrypt() does the same kind of thing, except with our input! The only difference is here:
The end point will be looped around to the start point, so once the first KEY_LEN bytes of the key file are used it will loop back around and start from the beginning. This makes it possible for us to gain the same OTP twice!
I'm going to use pwntools for this process. First we grab the encrypted flag:
Now I will feed a string of length KEY_LEN - enc_flag_len into the encrypt() function. Why? This will make the stop exactly 50000, meaning the next encryption will have a start of 0 again, generating the same OTP as it did for the original flag! Now because XOR is a involution - it undoes itself - we can send back the encrypted flag and it will undo the original XOR, returning us the flag!
Be careful that you decode the hex encoding and send the raw bytes!
