ctfs/overthewire/natas/scripts/natas11.py

import base64 as b64

PLAINTEXT = '''{"showpassword":"no","bgcolor":"#ffffff"}'''
COOKIE = 'HmYkBwozJw4WNyAAFyB1VUcqOE1JZjUIBis7ABdmbU1GIjEJAyIxTRg='
FORGED_PLAINTEXT = '''{"showpassword":"yes","bgcolor":"#ffffff"}'''


def xorbytes(x: bytes, y: bytes) -> bytes:
    Lx, Ly = len(x), len(y)
    if Lx < Ly: return xorbytes(y, x)
    
    return bytes(x[i]^y[i%Ly] for i in range(Lx))
        
def extract_key(k: bytes) -> tuple[bytes, int] | None:
    Lk = len(k)
    substr = b''
    length = 0
    for i in range(Lk):
        substr += k[i:i+1]
        length += 1 
        if k == substr*(Lk//length) + substr[:Lk%length]:
            return substr, length
    return None


def main() -> None:
    plaintext = PLAINTEXT.encode()
    cookie    = b64.b64decode(COOKIE)
    decoded   = xorbytes(cookie, plaintext)
    print('Modulated Key:', ''.join(chr(x) for x in decoded))
    key, key_size = extract_key(decoded)

    forged_cookie = b64.b64encode(xorbytes(FORGED_PLAINTEXT.encode(), key))
    print('Forged:', forged_cookie)
    

if __name__ == '__main__':
    try:
        main()
    except (KeyboardInterrupt, EOFError):
        print('\n[!] Interrupt')
OverTheWire 2025-07-15 22:44:06 +10:00			`import base64 as b64`

			`PLAINTEXT = '''{"showpassword":"no","bgcolor":"#ffffff"}'''`
			`COOKIE = 'HmYkBwozJw4WNyAAFyB1VUcqOE1JZjUIBis7ABdmbU1GIjEJAyIxTRg='`
			`FORGED_PLAINTEXT = '''{"showpassword":"yes","bgcolor":"#ffffff"}'''`



			`def xorbytes(x: bytes, y: bytes) -> bytes:`
			`Lx, Ly = len(x), len(y)`
			`if Lx < Ly: return xorbytes(y, x)`

			`return bytes(x[i]^y[i%Ly] for i in range(Lx))`

			`def extract_key(k: bytes) -> tuple[bytes, int] \| None:`
			`Lk = len(k)`
			`substr = b''`
			`length = 0`
			`for i in range(Lk):`
			`substr += k[i:i+1]`
			`length += 1`
			`if k == substr*(Lk//length) + substr[:Lk%length]:`
			`return substr, length`
			`return None`


			`def main() -> None:`
			`plaintext = PLAINTEXT.encode()`
			`cookie = b64.b64decode(COOKIE)`
			`decoded = xorbytes(cookie, plaintext)`
			`print('Modulated Key:', ''.join(chr(x) for x in decoded))`
			`key, key_size = extract_key(decoded)`

			`forged_cookie = b64.b64encode(xorbytes(FORGED_PLAINTEXT.encode(), key))`
			`print('Forged:', forged_cookie)`


			`if __name__ == '__main__':`
			`try:`
			`main()`
			`except (KeyboardInterrupt, EOFError):`
			`print('\n[!] Interrupt')`