Tags: lfsr 

Rating:

[Link to original writeup](https://wrecktheline.com/writeups/m0lecon-2021/#obscurity_writeup)
# Obscurity (10 solves, 316 points)
by y011d4

```
Security through obscurity. Seems good, right?

nc challs.m0lecon.it 2561

Author: mr96
```

In this challenge, random bits are generated using multiple LFSRs, with unknown taps and lengths. FLAG is xored by those bits.
Other than `Obsucurity-fixed`, we can send prefixes within 1000 characters many times.

As the other challenge's name implies that this challenge includes bugs, the check for `periodic` sometimes works in an unintended way.

```python
kk = key.hex()
if kk.count(kk[-6:]) == 1:
periodic = False
```

This check works only when the period of LFSRs rands are multiple of 8.
So all we have to do is collect the data which meat the following condition:
- with long prefix (`\x00` * 1000 for brevity)
- with the long period, which is not multiple of 8

I ran this script a few times.

```python
import re
from binascii import unhexlify
from hashlib import sha256
from itertools import product

from pwn import *

_r = remote("challs.m0lecon.it", 2561)
ret = _r.recvline().strip().decode()
prefix, suffix = re.findall(
r"Give me a string starting with (.+) such that its sha256sum ends in (.+).", ret
)[0]

for i_list in product(list(range(32, 128)), repeat=4):
c_list = list(map(chr, i_list))
tmp = prefix + "".join(c_list)
tmp_hash = sha256(tmp.encode()).hexdigest()
if tmp_hash[-len(suffix):] == suffix:
print("found!")
_r.sendline(tmp)
break
_ = _r.recvline()
_r.sendline(b"00" * 1000)
print(_r.recvline().strip())
```

I got the result which meats the condition as mentioned above and decoded it.

```python
res = "0035fc5465ac4967e515bf395e091a1ea15e8fb41c1c377fe7e9d6f51bed0ca7d3a82aa4ebadc1b141441bd1b7e24fcb92c2f78247b65acbbf12d48ef2c7562970b0c9d2674daed6544162e0cb7e5df28b7b7692883f8c1de6cb38e844045263b2a40e33e17b041ca41aad59b1281d122d5f4fb7ac09757534f8285de14f0883d4824a9fa7d0abee010b0dcfefd2e98b2523708ef9730b65a2e4e0a2515702f3bd985b81c54355f2f5ed9584e325073c84e0d44a4422543408d52fac06b096cb34af9e4ca6d6aea6c697ed27302be85690313256709b6154c8780c9a0f054cd60c628766cf4fd38da6997b11d50c2a2f7b65b024e5405b34dff8334ba442b04237edaa0208c9fa27a654dc1135bf34c0a44900bfed2aff53e791547ef1e35501784a4783388b15db122ee50a111243fa03afbd80adea7f32c52c9809b139cd0d05daded4372a489d8c46d9d5d25a1b16848cd033c381aebf9bd2d2976db63a0a26796e92eef9ad8a08a49f1e973e0cd30dc91e0044684a806b0169c9e8a37b1dfd730cb12b1ea71f9b04fed2f5fc653fb26834b09782b6e94d24c6efcb1f78d1a64689cda4aa73665f728faa715a0001f55e138b0076f35cdfeddabe63112f46125e9bfdad270468bd734dabffc4a0e5585dfe6aba3e1b279a5e8350e2e97fc7a52630520372c1ec88c9b6619bfa567b4a08175a795024ec6cfe2ae615410f93bce2208c74a96beda562a9a39cce7826c4cb36260dd823536da3acbe97a593a685e5a741ec758403f23d7456359f73bfb805daeb889696dfa3cafb16ef5f77a66cd0e4f95877be1ba88f8fc6605621d548226f9128c90d1099efd77abf32691f66fe9c1e7342e406b9158a3d59264adf44c345e0f6e898ea8c2856e36b3c9269e13f973991f34cb9f7ff38f21378512dbdd974273dfb6dd948192083dacbdc058d275fcfad8675baec3e85b7ed62defbb8e1d9018892f0bd706d6f96ca6272d7940c886b93959da0c33225883ad9f9c76fec5adceff3bed7fa193a01aa42b2ef7fda94bbc902f6403d3a2a23902c5ba5ec83bdaa588fe5f46094c33ebd6ff7f88dec740aee501189df1893f6e80acf20d1baac232f40c79722faab62a33f87a4785947a6dc1836c04220a5fd48dac0d7f15196b1259f9456fce57824687a857a3ed07070ddff9fa75bd46fb4329f4ea0aa93aeb706c505106f46df893f2e4b0bde091ed96b2efc4b523bcb1d58a5c2c327499d36bb5951058b832df977ca2dedda4a20fe30779b2ce3a11011498eca9038cf85ec1072906ab566c4a07448b57d3edeb025d5d4d3e0a177853c220f52092a7e9f42afb8042c373fbf4ba62c948dc23be5cc2d968b938289455c0bcef6616e07150d57cbd7b656138c941cf213835129108950d02354cec477b92b40e18a4c01c42889eb2a2d83c3b99fd4281fb1a768ac5ab63d45d356370b256c185cf824ad40"
assert len(res) == 2086
res_bits = f"{int(res, 16):08344b}"

# It's checked manually
assert res_bits[6530:6630] == res_bits[20:120]

ans = []
for a, b in zip(map(int, res_bits[6530:]), map(int, res_bits[20:2020])):
ans.append(a ^ b)
ans = ans[-43 * 8 :]
print(bytes.fromhex(hex(int("".join(map(str, ans)), 2))[2:]))
```

`ptm{[email protected]}`

Original writeup (https://wrecktheline.com/writeups/m0lecon-2021/#obscurity_writeup).