Skip to content

Intigriti 1337UP CTF 2024: IrrORversible

TL;DR

  • Application encrypts user input with a repeating XOR key.
  • XOR reversibility allows key recovery using known plaintext.
  • Supplying a long controlled plaintext reveals the full key.
  • Reusing the key decrypts the encrypted flag.

Video Walkthrough

IrrORversible video walkthrough

Challenge Description

So reversible it's practically irreversible

Solution

Players can enter some text to encrypt.

web interface showing user input and resulting XOR-encrypted output

As the challenge name hints, we should try some XOR operations.

Since XOR is reversible, having any two pieces of information will enable the recovery of the missing component, e.g. plaintext + key = ciphertext, ciphertext + key = plaintext, plaintext + ciphertext = key.

Note that the key is quite long, so you need to enter a sufficiently sized plaintext to recover it all.

Flag: INTIGRITI{b451c_x0r_wh47?}