In this chall, we hace a python file and an ecrypted flag:

This is the python file:
```
from secrets import token_bytes
from itertools import cycle

FLAG = open("TempoFlag.txt", "rb").read().split(b'\n')

wee = token_bytes(8)
print(wee)
cipher = ''

for secret in FLAG:
enc = bytes([ a ^ b for a,b in zip(secret, cycle(wee)) ])
print(list(zip(secret, cycle(wee))))
cipher += enc.hex() + '\n'
print(secret)
print(cipher)

```

And those are the different encrypted values we have

```
b75332cf82004fa6c349388a94451bb0824735cf97004fbdc34d299cc0064cbb
ac4a38cf9a0c49bacf043281854954bb86087d9b880c42f5825638cf930154a28d
b74b3a8a94015ea7c350358a994958ba8e46348185451ba28a5035cf8149639ab1
a204338a97494db48f5138cf891a1bb38c56308a84451bbb8652389dc0081bb78c5638c1
a177109a8d0b5abc98536d98bf584f8ad25702dbbf0f57e1847b6c81bf1d53e6bc17338b9d
```

We can see it's only a xor cipher with 8 random bytes

We can break the strings one by one on dcode

https://www.dcode.fr/xor-cipher

We will obtain a list of possibles keys, we see dcode is strugling for the last string
and is not giving something pertinent, it's probably the flag.

e3285deff1653bd5

e3245deffc6927d5

e3225befe0693bce

e3245defe0693bd2

We could aso recover the start of the key by xoring BSM with the last string to optain
the first 3 bytes, because most of the flags seems by starting with this string, we obtain:

e3245d

It correspond to what we just found

Now we are going to take the most common bytes in the four key we found :

e3245defe0693bd5

We test it on one of the four fist encrypted strings, it's seems valid

Now we try on the last chain, and we obtain:

BSMumbai{w0w_1t_1s_4_fl4g_1n_th3_3nd}