EPFL's CTF team

TU CTF 2018 - Jimmy’s Crypto


Your nemesis, we’ll call him Jimmy for brevity’s sake, believes that he has finally outsmarted you in his secret messaging techniques. He’s so confident that he even gave his source code.

Show him where he went wrong!

Given files


The given python script does the following:

So we know what are the other two files we are given.

The first and only working idea we had was to xor the two files.

x = (flag ^ key) ^ (secret ^ key) = flag ^ secret

Now we assumed that secret is some english text. So we tried to look at all indexes where x ^ 'TUCTF{}' gave us a valid sequence of characters. Hopefully there was only one answer: 42.

At this point we did not found any better solution than completing the two text in parallel, trying to give a sense to both of them.

After a while, this gave us:

    Secret: steal my secrets. If you are looking at this file,

    Flag: ~TUCTF{D0NT_US3_TH3_S4M3_K3Y_F0R_TH3_S4M3_M3SS4G3}~