Real Smooth

May 18, 2025

Challenge Description:

Just do the dance, that's the solve
`nc smooth.chal.cyberjousting.com 1350`
real-smooth.py

Challenge Code:

```python
#!/usr/local/bin/python

from Crypto.Cipher import ChaCha20
from Crypto.Random import get_random_bytes
from secrets import FLAG

key = get_random_bytes(32)
nonce = get_random_bytes(8)

# One cipher object encrypts both messages, so they consume consecutive keystream bytes
cipher = ChaCha20.new(key=key, nonce=nonce)
print(bytes.hex(cipher.encrypt(b'Slide to the left')))
print(bytes.hex(cipher.encrypt(b'Slide to the right')))

try:
    user_in = input().rstrip('\n')
    # A fresh cipher with the same key and nonce restarts the keystream from the beginning
    cipher = ChaCha20.new(key=key, nonce=nonce)
    decrypted = cipher.decrypt(bytes.fromhex(user_in))
    if decrypted == b'Criss cross, criss cross':
        print("Cha cha real smooth")
        print(FLAG)
    else:
        print("Those aren't the words!")
except Exception as e:
    print("Those aren't the words!")
```

Peace be upon you, and the mercy and blessings of God.

This was a nice challenge. It was intended to be solved by bit flipping, but I had just solved a ChaCha20 challenge on CryptoHack called Dancing Queen. That challenge used different IVs with the same key, and its solution was to reverse the keystream initialization process to recover the key. Here, instead, we have two plaintexts encrypted with the same key and IV, and that is the catch: ChaCha20 is a stream cipher, so each ciphertext is just the plaintext XORed with the keystream. If we recover the keystream that encrypted those plaintexts, we can encrypt the desired message with the extracted keystream ourselves and get the flag.

I also noticed that the desired message (24 bytes) is longer than either of the encrypted messages (17 and 18 bytes), so recovering the keystream from just one of them would not give enough keystream bytes and I would not get the flag. To overcome that, we take the two ciphertexts and concatenate them, concatenate the two plaintexts in the same order, and XOR the two to get 35 bytes of keystream. Because the server encrypts both messages with the same cipher object, the second ciphertext uses the keystream bytes immediately following the first, and the decryption cipher restarts the stream at the same key and nonce, so the recovered bytes are exactly the ones the server will use on our input. We then XOR the first 24 keystream bytes with the desired message and send the result to the server to get the flag.

```python
#!/usr/local/bin/python

from pwn import remote, xor

conn = remote("smooth.chal.cyberjousting.com", 1350)

def get_ct():
    # The server prints the two ciphertexts as hex, one per line
    ct = []
    ct.append(conn.recvline().strip().decode())
    ct.append(conn.recvline().strip().decode())
    return ct

ct = get_ct()

msg_1 = b'Slide to the left'
msg_2 = b'Slide to the right'
msg_3 = b'Criss cross, criss cross'

# Both messages were encrypted back to back with one cipher object, so the
# concatenated ciphertexts line up with the first 35 bytes of the keystream
full_ct = bytes.fromhex(ct[0]) + bytes.fromhex(ct[1])
full_pt = msg_1 + msg_2

# Stream cipher: keystream = plaintext XOR ciphertext
keystream = xor(full_pt, full_ct)

# The decryption cipher restarts at the same key/nonce, so the first 24
# keystream bytes are exactly the ones that will decrypt our input
payload = xor(msg_3, keystream[:len(msg_3)]).hex()

conn.sendline(payload.encode())
print(conn.recvline())
print(conn.recvline())
```

Running the script prints the flag: `byuctf{ch4ch4_sl1d3?...n0,ch4ch4_b1tfl1p}`.
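To show why the concatenation trick works without touching the server, here is an added example (my own code, not the author's solve script or the challenge code) with a pure-Python ChaCha20 block function and a local stand-in for the oracle. The helper names `forge` and `simulate`, the constructed key and nonce, and the local simulation of the server are all my assumptions; the message strings are the challenge's.

```python
import os, struct

def _qr(s, a, b, c, d):
    # One ChaCha quarter round on state words a, b, c, d (all arithmetic mod 2^32)
    for shift, (x, y, z) in ((16, (a, b, d)), (12, (c, d, b)), (8, (a, b, d)), (7, (c, d, b))):
        s[x] = (s[x] + s[y]) & 0xFFFFFFFF
        s[z] ^= s[x]
        s[z] = ((s[z] << shift) | (s[z] >> (32 - shift))) & 0xFFFFFFFF

def chacha20_block(key: bytes, nonce: bytes, counter: int) -> bytes:
    # State: 4 constants, 8 key words, then counter and nonce share the last 4 words.
    # An 8-byte nonce (the challenge's) leaves a 64-bit counter; a 12-byte nonce leaves 32 bits.
    ctr = counter.to_bytes(16 - len(nonce), "little")
    init = list(struct.unpack("<16I", b"expand 32-byte k" + key + ctr + nonce))
    w = init[:]
    for _ in range(10):  # 20 rounds: 10 column rounds interleaved with 10 diagonal rounds
        for idx in ((0, 4, 8, 12), (1, 5, 9, 13), (2, 6, 10, 14), (3, 7, 11, 15),
                    (0, 5, 10, 15), (1, 6, 11, 12), (2, 7, 8, 13), (3, 4, 9, 14)):
            _qr(w, *idx)
    return struct.pack("<16I", *((x + y) & 0xFFFFFFFF for x, y in zip(w, init)))

def keystream(key: bytes, nonce: bytes, n: int) -> bytes:
    return b"".join(chacha20_block(key, nonce, b) for b in range((n + 63) // 64))[:n]

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def forge(known: list, target: bytes) -> bytes:
    # known: consecutive (plaintext, ciphertext) pairs from one key/nonce stream.
    # Stream cipher: ciphertext = plaintext XOR keystream, so each pair leaks its keystream bytes.
    ks = b"".join(xor(p, c) for p, c in known)
    if len(target) > len(ks):
        raise ValueError(f"need {len(target)} keystream bytes, recovered only {len(ks)}")
    return xor(target, ks[:len(target)])

def simulate(key: bytes, nonce: bytes) -> bool:
    # Constructed local stand-in for the challenge server (no network): both greetings are
    # encrypted back to back from counter 0, and the check decrypts from counter 0 again.
    ks = keystream(key, nonce, 64)
    m1, m2, target = b"Slide to the left", b"Slide to the right", b"Criss cross, criss cross"
    c1, c2 = xor(m1, ks), xor(m2, ks[len(m1):])
    payload = forge([(m1, c1), (m2, c2)], target)
    return xor(payload, ks) == target  # the server-side decrypt of our payload

if __name__ == "__main__":
    print(simulate(os.urandom(32), os.urandom(8)))  # True
```

Passing only the first pair to `forge` raises, which is the 17-versus-24-byte shortfall the writeup works around by concatenating both pairs.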

Thanks for reading, I hope you enjoyed it. If you have any comments, don't hesitate to reach out.
