hacker.org Forum Index
RegisterSearchFAQMemberlistUsergroupsLog in
Broken XOR 3
Goto page 1, 2  Next
 
Reply to topic    hacker.org Forum Index » Challenges View previous topic
View next topic
Broken XOR 3
Author Message
rmplpmpl



Joined: 26 Oct 2008
Posts: 113
Location: Germany

Post Broken XOR 3 Reply with quote
Hi there, after brute-forcing my way through xor3 yesterday I have a small issue on understanding the broken xor 3 cipher.

Do I understand it correct that with "encrypted with the same cipher as the Didactic XOR 3 challenge" that means same encryption method, same startkey, same offset (x)?

Probably not, but then I am lacking inital ideas how to hack this.
Tue Nov 11, 2008 8:58 am View user's profile Send private message
the_impaler



Joined: 30 Apr 2008
Posts: 61

Post Reply with quote
The key and offset are different.
I am not sure if there is such English word like "brutter" but if there is then you should try "brutter force" approach. It's not too much harder than xor 3, so just make your brute force a bit more so. :twisted:
Tue Nov 11, 2008 2:19 pm View user's profile Send private message
m!nus



Joined: 28 Jul 2007
Posts: 202
Location: Germany

Post Reply with quote
It's not that hard, you can find it as in XOR 3 but a part of the message is broken.
as it says in the challenge there are missing 0s, so you put them where the string gets unreadable, just a bit trail and error
Wed Nov 12, 2008 1:34 pm View user's profile Send private message
rmplpmpl



Joined: 26 Oct 2008
Posts: 113
Location: Germany

Post Reply with quote
OK, so the beginning of the message must be encoded correct - that was my main concern, since it would add so many more interations to the brute force, if there is a zero missing at the beginning.
Wed Nov 12, 2008 2:05 pm View user's profile Send private message
gfoot



Joined: 05 Sep 2007
Posts: 269
Location: Brighton, UK

Post Reply with quote
You can brute-force the adding of zeros too. There aren't actually too many additional strings to try to decode.
Wed Nov 12, 2008 6:53 pm View user's profile Send private message
rmplpmpl



Joined: 26 Oct 2008
Posts: 113
Location: Germany

Post Reply with quote
gfoot wrote:
You can brute-force the adding of zeros too. There aren't actually too many additional strings to try to decode.


Well, I got it now, it was quite easy, acutally. But I still don't understand how you possibly could brute force it.

You need to find the startkey and the offset value. If a zero at the beginning of the cipher would have been missing, all decoding would lead to ASCII-garbage, so you had no chance to find out that your key and offset where correct and you only would have to add a zero or two. Perhaps I just don't get it?
Wed Nov 12, 2008 7:42 pm View user's profile Send private message
gfoot



Joined: 05 Sep 2007
Posts: 269
Location: Brighton, UK

Post Reply with quote
If you want to discuss it, we can do so in the solution forum - we shouldn't talk too much about solutions here.
Wed Nov 12, 2008 8:39 pm View user's profile Send private message
rmplpmpl



Joined: 26 Oct 2008
Posts: 113
Location: Germany

Post Reply with quote
gfoot wrote:
If you want to discuss it, we can do so in the solution forum - we shouldn't talk too much about solutions here.


You're right Smile
Wed Nov 12, 2008 8:56 pm View user's profile Send private message
Allosentient



Joined: 10 Apr 2008
Posts: 273

Post Reply with quote
gfoot wrote:
You can brute-force the adding of zeros too. There aren't actually too many additional strings to try to decode.


I don't really get this, here is the text, it is 133 characters long: 8d541ae26426f8b97426b7ae7240d78e401f8f904717d09b2fa4a4622cfcbf7337fbba2cdbcb4e3cdb994812b66a27e9e02f21faf8712bd2907fc384564998857e3b1

That means there are 2^(133-1) possible ways to add zeros, which is around 10^40, so I don't think brute forcing the adding of zeros by itself is correct, there will have to be other things going on at the same time. I am trying something right now but not very optimistic about it
Sat Nov 22, 2008 4:08 am View user's profile Send private message
gfoot



Joined: 05 Sep 2007
Posts: 269
Location: Brighton, UK

Post Reply with quote
Maybe "brute force" is overstating it - you need to prune your search too. You also get a lot of false positives, e.g. adding a zero before every character gives a ciphertext with only 16 values in it, which decrypts to random ascii text for quite a few key values.
Sat Nov 22, 2008 10:17 am View user's profile Send private message
Allosentient



Joined: 10 Apr 2008
Posts: 273

Post Reply with quote
I tried splitting the text string into about 9 or 10 characters (4-5 hex values) and iterating through all possible combinations, shifting the text substring taken by 1, then trying ALL possible combinations, and searching for the string "the", "solu", or "answ", or "hack" which in theory should have came up. There were a few matches but they were just random. I guess I am doing something wrong or none of those strings are in the decrypted text.
Sat Nov 22, 2008 4:09 pm View user's profile Send private message
silverSl!DE



Joined: 31 Oct 2008
Posts: 7

Post Reply with quote
Hint
Read the Topic: "Didactic XOR Cipher 3"
Tue Nov 25, 2008 10:54 am View user's profile Send private message
lukas



Joined: 26 Nov 2008
Posts: 34
Location: Germany

Post Reply with quote
script languages 4 ever Laughing
Thu Nov 27, 2008 3:28 pm View user's profile Send private message
nighthalk



Joined: 31 Jul 2009
Posts: 41

Post Reply with quote
a bit of a hit, theres more then enough characters to "solve" this like the other one, you apply the extra 0 thing to finish the whole string
Tue Aug 04, 2009 10:13 pm View user's profile Send private message
compudemon



Joined: 13 Aug 2011
Posts: 33

Post Reply with quote
i did not brute force adding 0s myself but i think it can be done. you could take say the first 10 hex digits and just brute force all the x b and add 0 combos on that rather then the whole thing. you should get 5 - 10 letters that would be more then enough to tell if a x b pair is good. if you get more then one good x b pair you can widen the analysis window till there is only 1. i solved it without brute forcing the 0s, though ill admit my method needed a bit of luck to work as it only made one guess per x b pair favoring the least added 0s so if 112233 decoded fine it would not check 11022033 ect
Thu Sep 15, 2011 7:13 pm View user's profile Send private message
Display posts from previous:    
Reply to topic    hacker.org Forum Index » Challenges All times are GMT
Goto page 1, 2  Next
Page 1 of 2

 
Jump to: 
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum


Powered by phpBB © 2001, 2005 phpBB Group
Design by Freestyle XL / Flowers Online.