**Tags:** crypto

Rating:

I found this chall the best of all. After connecting to nc 2020.redpwnc.tf 31284, we have to provide two integers i and j as input to get ciphertext which is encoded using i and j.

If we provide i=1 and j=2, then lb=2 and ub=3. 2 is '10' and 3 is '11' in binary. We now know that some random combination of '10' and '11' is xored with the plaintext.

In this we have to notice that the bit at index 0 is same i.e '1'. Therefore, we can xor every alternating character of the ct with '1'.

Similarly, if we provide i=2 and j=3, then lb='100' and ub='111'. Thus, we can xor every 3rd bit of ct with '1'. Doing it multiple times with different values of i,j will give as every bit of the flag. Checkout the script given below:

```

from pwn import *

def bit_str_xor(a, b):

xor_res = ''

for i in range(len(a)):

xor_res += str(int(a[0]) ^ int(b[0]))

return xor_res

p=list("0"*350)

i=1

while(i<320):

print i

r=connect("2020.redpwnc.tf", 31284)

r.recvuntil(': ')

r.sendline(str(i))

r.recvuntil(': ')

r.sendline(str(i+1))

r.recvuntil(': ')

c=r.recvuntil('\n')

for j in range(0, len(c), i+1):

try:

p[j]=bit_str_xor(c[j], '1')

except:

pass

#print c

r.close()

i+=1

print ''.join(p)

i=0

flag=""

while(i