Help: Reverse Engineering
Help: Reverse Engineering #1
Within this Github repository there is a simple C program that performs an XOR encryption on a string with an arbitrary key. Given is a hex-encoded bytestream as the result of its use: https://gitlab.com/op8-recruitment/op8-c...bytestream

The decoded answer is a plain-text alphanumeric string as is the key. The aim is to decode the encoded string within the below code into plaintext and submit the key along with the decoded plaintext:

Code:
Usage: ./encode "<key>" "<string>"

0x16 0x1a 0x10 0x6c 0x0f 0x02

I am wondering if anyone can help me out in figuring the answer to the right key and string.

Thanks.
(This post was last modified: 03-31-2020, 11:45 AM by Dean Winchester.)

RE: Help: Reverse Engineering #2
(03-31-2020, 11:42 AM)Dean Winchester Wrote: Within this Github repository there is a simple C program that performs an XOR encryption on a string with an arbitrary key. Given is a hex-encoded bytestream as the result of its use: https://gitlab.com/op8-recruitment/op8-c...bytestream

The decoded answer is a plain-text alphanumeric string as is the key. The aim is to decode the encoded string within the below code into plaintext and submit the key along with the decoded plaintext:

Code:
Usage: ./encode "<key>" "<string>"

0x16 0x1a 0x10 0x6c 0x0f 0x02

I am wondering if anyone can help me out in figuring the answer to the right key and string.

Thanks.

It's not possible to definitively extract the key from what you have. As noted by L7 crypt/xor.c, the key and input streams do not need to be the same length. We can be reasonably certain that they are the same length, but there are provisions in the code to allow a key that is shorter or longer as well.

If we know that the key and cipherstring are both alphanumeric only, then you can write a program to brute force it. Simply make up a string that is as long as your input, increment it one at a time until it's an alphanumeric string, then run xor over it and the input, and repeat until both the key and result are alphanumeric.


RE: Help: Reverse Engineering #3
(03-31-2020, 05:31 PM)phyrrus9 Wrote: If we know that the key and cipherstring are both alphanumeric only, then you can write a program to brute force it. Simply make up a string that is as long as your input, increment it one at a time until it's an alphanumeric string, then run xor over it and the input, and repeat until both the key and result are alphanumeric.

The author of the question already put a hint that the key is shorter than the encrypted characters. Also yes, both the key and string are plain alphanumeric. While I was able to get the correct string, the key is still incorrect. And yes, I did use code that brute-forces. If the code is incorrect, let me know.

Code:
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* For one ciphertext byte e, find the first pair of alphabet characters
 * (key byte c[i], plaintext byte c[j]) with c[i] ^ c[j] == e and print it.
 * Only the first match in alphabet order is reported. */
void get_XOR(const char * const c, const size_t s, const unsigned int e) {
  size_t i = 0;
  size_t j = 0;

  for (i = 0; i < s; ++i) {
    for (j = 0; j < s; ++j) {
      if ((c[i] ^ c[j]) == e) {
        fprintf(stdout, "0x%02x ^ 0x%02x = 0x%02x", c[i], c[j], e);
        fprintf(stdout, " => %c, %c\n", c[i], c[j]);
        return;
      }
    }
  }
}

int main (int argc, char ** argv) {
  /* candidate alphabet for both key and plaintext, in search order */
  const char * const chars = "0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ";
  /* the hex bytes given in the question */
  const unsigned int encrypt[] = {0x16, 0x1a, 0x10, 0x6c, 0x0f, 0x02};
  size_t i = 0;
  const size_t slen = strlen(chars);
  const size_t elen = sizeof(encrypt)/sizeof(unsigned int);

  /* one independent search per ciphertext byte */
  for (i = 0; i < elen; ++i) {
    get_XOR(chars, slen, encrypt[i]);
  }

  return 0;
}

Code Output: aba460 (key) wxqX92 (string)
(This post was last modified: 03-31-2020, 05:56 PM by Dean Winchester.)

RE: Help: Reverse Engineering #4
Your teacher is an idiot. There are infinite solutions to this problem. Since the string can be any sequence of alphanumeric combinations, each of which has up to 8 solutions that are equal to or greater in length, as well as an infinite number that is greater in length, any solution that produces the correct ciphertext is the correct solution.

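As an added example (not code from this thread or from the op8 repository), the C program below carries phyrrus9's brute-force idea through for every key length from 1 to 7 against the six bytes quoted in the question, and counts how many alphanumeric key/plaintext pairs exist per key length, which makes the "not uniquely determined" point above concrete. It assumes the encoder reuses the key cyclically when it is shorter than the input (the thread only says the code has provisions for a shorter or longer key); the function names and the per-position search are mine, and the alphabet order is copied from the posted program so the first hit for a 6-byte key matches its output.

```c
#include <stdio.h>
#include <string.h>
/* Same alphabet order as the posted program, so the first hit matches its output. */
static const char ALPHABET[] =
    "0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ";
/* The six ciphertext bytes quoted in the thread. */
static const unsigned char CIPHERTEXT[] = {0x16, 0x1a, 0x10, 0x6c, 0x0f, 0x02};
#define CT_LEN (sizeof CIPHERTEXT)
static int is_alnum_char(int c) { return c != '\0' && strchr(ALPHABET, c) != NULL; }

/* Assumed cipher: pt[i] = ct[i] ^ key[i % keylen] (key reused cyclically). Counts keys
 * of length keylen whose plaintext is alphanumeric at every position; key positions are
 * independent, so the total is the product of per-position counts. key/pt (sizes
 * keylen+1, CT_LEN+1) may be NULL, else they receive the first solution in alphabet order. */
unsigned long long count_solutions(size_t keylen, char *key, char *pt) {
    unsigned long long total = 1;
    for (size_t j = 0; j < keylen; j++) {
        unsigned long long n = 0;
        for (const char *k = ALPHABET; *k; k++) {
            int ok = 1;
            for (size_t i = j; i < CT_LEN && ok; i += keylen)
                ok = is_alnum_char(CIPHERTEXT[i] ^ (unsigned char)*k);
            if (!ok) continue;
            if (n++ == 0 && key && pt) {   /* first valid byte for this key position */
                key[j] = *k;
                for (size_t i = j; i < CT_LEN; i += keylen)
                    pt[i] = (char)(CIPHERTEXT[i] ^ (unsigned char)*k);
            }
        }
        if (n == 0) return 0;              /* no alphanumeric key byte fits here */
        total *= n;
    }
    if (key && pt) { key[keylen] = '\0'; pt[CT_LEN] = '\0'; }
    return total;
}

/* True if the first solution found for keylen is exactly key -> pt. */
int first_solution_is(size_t keylen, const char *key, const char *pt) {
    char k[32], p[CT_LEN + 1];
    if (keylen >= sizeof k) return 0;
    return count_solutions(keylen, k, p) > 0 && !strcmp(k, key) && !strcmp(p, pt);
}

int main(void) {
    char key[32], pt[CT_LEN + 1];
    for (size_t len = 1; len <= CT_LEN + 1; len++) {   /* shorter, equal and longer keys */
        unsigned long long n = count_solutions(len, key, pt);
        if (n) printf("key length %zu: %llu solutions, first \"%s\" -> \"%s\"\n", len, n, key, pt);
        else   printf("key length %zu: no alphanumeric solution\n", len);
    }
    return 0;
}
```

Even a single repeated key byte already admits two alphanumeric solutions for these six bytes, and every extra key byte beyond the input length multiplies the count by the alphabet size.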