247CTF - Tips and Tricks
Recover a XOR encryption key used to encrypt a JPG image.
Approach
XOR encryption is vulnerable when the plaintext is partially known:
- JPG files have a known magic header:
FF D8 FF E0 00 10 4A 46 49 46 00 01 - XOR the encrypted header with known plaintext to recover the key
- Apply the recovered key to decrypt the entire file
Solution
1 | #!/usr/bin/env python3 |
Key Insight
When XOR encrypts known file formats (JPG, PNG, ZIP, etc.), the magic bytes provide enough information to recover the key without brute force.
247CTF{ca4e3b7f913ca7ca8f33fb0504f2947f}