Cryptography - PicoCTF 2023

Hide to See - 100 pts

Description

How about some hide and seek heh?Look at this image here .

Approach

The image hinted at the Albash cipher, but I didn’t found any encrypted data. After examining the metadata and trying different steganography tools, I eventually discovered the encrypted data hidden within the image using steghide.

┌──(kali㉿iasad)-[~/CTFs/PicoCTF]
└─$ steghide extract -sf atbash.jpg 
Enter passphrase: 
wrote extracted data to "encrypted.txt".



┌──(kali㉿iasad)-[~/CTFs/PicoCTF]
└─$ cat encrypted.txt 
krxlXGU{zgyzhs_xizxp_1u84w779}

decoded it on Atbash Cipher and got the flag

Untitled

Flag: picoCTF{atbash_crack_1f84d779}

ReadMyCert - 100 pts

Description

How about we take you on an adventure on exploring certificate signing requests

Take a look at this CSR file here

Hint💡
Download the certificate signing request and try to read it.

Approach

Dumping the contents of the readmycert.cer file reveals:

Looks base64 encoded, running through CyberChef the flag is found in amongst the decoded output :

Untitled

Flag: picoCTF{read_mycert_a7163be8}

Rotation - 100 pts

Description

You will find the flag after decrypting this file Download the encrypted flag here

Hint💡
Sometimes rotation is right

Given the name of this challenge, a rotation-based substitution cipher is suspected.

Approach

The contents of the encrypted flag file are:

xqkwKBN{z0bib1wv_l3kzgxb3l_25l7k61j}

The encrypted text follows the flag structure picoCTF{}

We can use CyberChef to find the plaintext. By applying ROT13 operation, and adjesting the amount to 18 we get the Flag

Untitled

Flag: picoCTF{r0tat1on_d3crypt3d_25d7c61b}

Hide to See - 100 pts#

Description#

Approach#

ReadMyCert - 100 pts#

Description#

Approach#

Rotation - 100 pts#

Description#

Approach#

Hide to See - 100 pts

Description

Approach

ReadMyCert - 100 pts

Description

Approach

Rotation - 100 pts

Description

Approach