> For the complete documentation index, see [llms.txt](https://sarpers-organization.gitbook.io/ctftricks/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://sarpers-organization.gitbook.io/ctftricks/_chapter-intro-3/obfuscation/xor-decryption/trick-0101.md).

# XOR Decryption (Recovered Key)

***

You found the XOR key for encrypted data by examining application source code (e.g., `debugpassword.py`) and the ciphertext in another file (e.g., `supersecrettip.txt`). You can then use a simple script to decrypt the data using the recovered key.

A Python script like the following can perform the XOR decryption on a byte string:

```python
def xor_decrypt(ciphertext, key):
  decrypted_message = bytearray()
  for i in range(len(ciphertext)):
    decrypted_byte = ciphertext[i] ^ ord(key[i % len(key)])
    decrypted_message.append(decrypted_byte)
  return decrypted_message

# Example ciphertext found
encrypted = b' \x00\x00\x00\x00%\x1c\r\x03\x18\x06\x1e' # From supersecrettip.txt

# The recovered key from source code (e.g., debugpassword.py)
key = "[REDACTED]"

# Perform decryption
decrypted_bytes = xor_decrypt(encrypted, key)
decrypted_message = decrypted_bytes.decode('utf-8')

print("Decrypted message:", decrypted_message)
```

To apply this decryption to the contents of a file like `supersecrettip.txt`, you would first need to read the encrypted data from the file. A function to handle this would read the file in binary mode (`'rb'`) and then apply the XOR logic.

```python
def decrypt_file_content(file_path, key):
    with open(file_path, 'rb') as file:
        encrypted_data = file.read()

    decrypted_data = bytearray()
    key_length = len(key)

    for i in range(len(encrypted_data)):
        decrypted_byte = encrypted_data[i] ^ key[i % key_length]
        decrypted_data.append(decrypted_byte)

    return bytes(decrypted_data)

# Example usage for a file:
# key = b"[REDACTED]" # Key should be bytes if reading binary file
# decrypted_content = decrypt_file_content('supersecrettip.txt', key)
# print(decrypted_content.decode('utf-8'))
```

Note that when working with binary file data, the key should also be treated as bytes.

Alternatively, a complete Python script can be created to take the filename and key as command-line arguments and perform the XOR operation directly on the file content, overwriting the original file with the decrypted data.

```python
#!/usr/bin/python
# XOR encrypt/decrypt a file

import sys

def xor_file(filename, key):
    with open(filename, 'rb') as f:
        data = f.read()

    key = bytes(key, 'utf-8') # Ensure key is bytes
    key_len = len(key)
    xored_data = bytearray()

    for i in range(len(data)):
        xored_data.append(data[i] ^ key[i % key_len])

    # Overwrite the original file with the xored data
    with open(filename, 'wb') as f:
        f.write(xored_data)

    print(f"Processed {filename} with XOR key.")

if __name__ == "__main__":
    if len(sys.argv) != 3:
        print("Usage: python xor_script.py <filename> <key>")
        sys.exit(1)

    filename = sys.argv[1]
    key = sys.argv[2]

    xor_file(filename, key)
```

This script provides a practical command-line tool for XOR decrypting files using the recovered key.
