# Easy Peasy

This challenge is vulnerable due to it's OTP generation algorithm. Taking a closer look at the source we see that after a certain amount of characters inputted, we are able to cycle back to the beginning of the start of the key thus leaking it.

## Method

The important observation is here

if stop >= KEY_LEN:
stop = stop % KEY_LEN

we see that if our user input is greater than the `KEY_LEN` variable, we will be able to redefine the starting point of the next encryption. If we make sure that we input the same amount of characters up till the `KEY_LEN` we can cycle back to 0.
I tried to send the buffer all at once to overflow it back to 0, but the terminal couldn't handle it thus I split it up into chunks of `4000` or `2000` characters and encrypted it using `65` which is `A`. This means that after I overflow back to 0, I just need to leak the first 32 characters of the flag with our known key `A` and XOR decrypt it programmatically.

## Notes



Flag_length = 32

leaked bytes



Original writeup (https://github.com/JeffersonDing/CTF/tree/master/pico_CTF_2021/crypto/easy_peasy).