XOR Bitwise Operations
Last modified: 2023-09-07
XOR is a commonly used operation in cryptography.
Basic
For XORing, we can use the ^ operator.
Here is a Python example that XORs a target value with an XOR key.
target = 21
xor_key = 2
print(target ^ xor_key)
# 23
The above operation does the following calculation internally.
- Convert the decimal 21 of the target to binary (10101).
- Convert the decimal 2 of the key to binary (00010).
- XOR the bits at each position as below.
10101 # binary for 21
# XOR
00010 # binary for 2
# Result
10111 # binary for 23
Because XOR is its own inverse, any two of the three values give the third, as follows.
a ^ b = c
a ^ c = b
b ^ c = a
In CTFs, we may be able to use this principle to calculate the XOR key.
XOR Characters
We can also XOR each character.
ord('a') ^ ord('b')
# 3
The above operation does the following calculation internally.
- Convert the character 'a' to its Unicode code point 97. It's 1100001 in binary.
- Convert the character 'b' to its Unicode code point 98. It's 1100010 in binary.
- XOR the bits at each position as below.
1100001 # binary for 'a'
# XOR
1100010 # binary for 'b'
# Result
0000011 # binary for 3
XOR Strings
We can also XOR strings by XORing the bits at each position.
from itertools import cycle

ciphertext = "5d41402abc4b2a76b9719d911017c592"
key = "secret"
# Convert each string to bytes
ciphertext_bytes = bytes.fromhex(ciphertext)
key_bytes = key.encode()
# XOR operation. zip() stops at the shorter input, so cycle() repeats the
# 6-byte key to cover all 16 ciphertext bytes.
xored_bytes = bytes(a ^ b for a, b in zip(ciphertext_bytes, cycle(key_bytes)))
# Convert the result to Hex
xored_hex = xored_bytes.hex()
print("Result:", xored_hex)
The above operation does the following calculation.
- Convert the ciphertext to bytes.
- Convert the XOR key to bytes.
- Loop over the bytes and XOR each pair.
- Convert the result bytes to hex.
Using strxor of PyCryptodome
We can also use the strxor function of the pycryptodome module in Python.
from Crypto.Util.strxor import strxor
# Both arguments must have the same length
print(strxor(b"hello", b"world"))
# b'\x1f\n\x1e\x00\x0b'
XOR with Pwntools
We can easily XOR using the xor function of pwntools.
First off, install pwntools if you don't have it.
pip install pwntools
To decrypt the encrypted text with XOR, write a Python script such as the one below.
from pwn import xor
ciphertext = "5d41402abc4b2a76b9719d911017c592"
key = "secret"
# xor() repeats the shorter argument to match the longer one
xored = xor(bytes.fromhex(ciphertext), key.encode())
print(xored)
Brute Force XOR Key with 0/Null
If the target value is 0 or \x00, the result is the key itself.
0 ^ 1 # result: 1
0 ^ 2 # result: 2
...
0 ^ 999 # result: 999
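Using this principle, we may be able to get the XOR key by brute forcing.
xor_key = b'secret'
null_payload = b''
for i in range(10):
    # Grow the payload by one null byte per iteration
    null_payload += b'\x00'
    # zip() stops at the shorter input, so at most len(xor_key) bytes come back
    result = bytes([a ^ b for a, b in zip(null_payload, xor_key)])
    print(result.decode())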
The output of the above script will be the following:
s
se
sec
secr
secre
secret
secret
secret
secret
secret
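The identity a ^ c = b from the Basic section and the null-byte case above are both instances of known-plaintext key recovery, which is why a repeating XOR key gives no confidentiality once any plaintext is known. The following is an added example, not part of the original page; the sample plaintext, the key and the helper names (xor_bytes, keystream_from_known, shortest_period) are constructed for illustration.

```python
from itertools import cycle


def xor_bytes(data: bytes, key: bytes) -> bytes:
    """XOR data with key, repeating the key to cover all of data."""
    if not key:
        raise ValueError("key must not be empty")
    return bytes(d ^ k for d, k in zip(data, cycle(key)))


def keystream_from_known(ciphertext: bytes, known: bytes, offset: int = 0) -> bytes:
    """a ^ c = b: XOR known plaintext with the ciphertext at the same offset."""
    segment = ciphertext[offset:offset + len(known)]
    if len(segment) != len(known):
        raise ValueError("known plaintext extends past the ciphertext")
    return bytes(c ^ p for c, p in zip(segment, known))


def shortest_period(stream: bytes) -> bytes:
    """Return the shortest prefix that, repeated, reproduces the whole stream.

    The result is only a confirmed key when the stream is longer than the key;
    a stream shorter than the key is returned unchanged.
    """
    for n in range(1, len(stream) + 1):
        if all(stream[i] == stream[i % n] for i in range(len(stream))):
            return stream[:n]
    return stream


# Constructed sample data (not from the original page).
SECRET_KEY = b"secret"
PLAINTEXT = b"user=guest;role=viewer;note=xor-is-not-encryption"
CIPHERTEXT = xor_bytes(PLAINTEXT, SECRET_KEY)

# Case 1: the first 16 plaintext bytes are known (a fixed header, for example).
recovered_key = shortest_period(keystream_from_known(CIPHERTEXT, PLAINTEXT[:16]))

# Case 2: the null-byte case. A plaintext of zeros makes ciphertext == keystream.
null_key = shortest_period(xor_bytes(b"\x00" * 10, SECRET_KEY))

if __name__ == "__main__":
    print(recovered_key)                          # key from known plaintext
    print(null_key)                               # key from null bytes
    print(xor_bytes(CIPHERTEXT, recovered_key))   # full plaintext
```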