picoCTF 2022: Cryptography writeups

Basic-mod1 (100pts)

Reading the instructions I write the following python code which helps to solve the challenge:

Flag: picoCTF{R0UND_N_R0UND_<unique_code>}

Basic-mod2 (100 pts)

Reading the instructions I write the following python code which helps to solve the challenge:

Flag: picoCTF{1NV3R53LY_H4RD_<unique_code>}

Credstuff (100 pts)

In this question we have been given leak.tar . So we unzip it with tar xvf leak.tar

We get leak/ folder.

We need to find the line number in which cultiris is present in usenames.txt .
Open the file in vim: vim usernames.txt
Now let’s find the name cultiris. Press esc + :/cultiris and then enter
Now that you found the name, let’s figure out it’s line number which is easy with vim. Type esc + :set number + enter .
We now get the line number listed beside the lines. We find the line to be 378.

Now let’s print out the password for cultiris. Type in the terminal:
cat passwords.txt| head -n 378 | tail -n 1
head -n <num> prints out first <num> lines. Tail prints -n <num> prints out the last <num> lines.

We get: cvpbPGS{P7e1S_54I35_71Z3}

I found that it is rot13 encoded, you can solve it on cyberchef or type in the following in the terminal: echo ‘cvpbPGS{P7e1S_54I35_71Z3}’ | rot13

We get the flag: picoCTF{C7r1F_54V35_71M3}

morse-code (100 pts)

You can easily find morse code audio decoders online. Just remember, in case you get any gaps in the decoded message replace them with ‘_’, and wrap the flag with picoCTF{}

Flag: picoCTF{WH47_H47H_90D_<unique_code>}

rail-fence (100 pts)

As suggested in the question, it is better to look up how this cipher works. I’ve arranged it in notepad so that you can understand how it works but however it is better to try it out with pen & paper first.

Original message: Ta _7N6DDDhlg:W3D_H3C31N__0D3ef sHR053F38N43D0F i33___NA

It has 4 rails as mentioned in question, so we got to arrange the letters in a zig-zag fashion as follows:

I’ve written the 56 letters in 4 lines. Let’s say, the first and last lines contain n letters each. While, the middle two contain 2n each. So, we got 6n letters.
56 = 6*9 + 2. So n=9 with an extra 2. So, this is what we did. We use the extra slot in the first and second lines. So first and second lines would harbour 9+1=10 & 18+1=19 slots respectively.

We have put gaps between the original sequence of letters and we enter next line when the no of slots have completed. One thing to keep in mind is to be careful while handling spaces. Then after arranging read the pattern as shown by the zig-zag pattern.

On decoding we get the flag: WH3R3_D035_7H3_F3NC3_8361N_4ND_3ND_D00AFDD3
(Remove The flag is:, at first for a couple of tries I was including this in the final flag like a moron🤦)

Flag: picoCTF{WH3R3_D035_7H3_F3NC3_8361N_4ND_3ND_<unique_code>}

substitution0 (100 pts)

An online decipher would suffix for this challenge. Basically, we have to determine what is the frequency of the letters and match them with the frequency of the letters of the alphabet in real world. This is ridiculous to solve by your own hand so it’s better to use an online tool.
The flag shall be present on the last line.

Flag: picoCTF{5UB5717U710N_3V0LU710N_<unique_code>}

substitution1 (100 pts)

As in the previous question, this question too demands us to do a frequency attack like the last one. We do it using the same online site we used last time.
If you get a J in place of a Q then swap it.

Flag: PICOCTF{FR3QU3NCY_4774CK5_4R3_C001_<unique_code>}

substitution2 (100 pts)

We again use the online tool for this.

Flag: PICOCTF{N6R4M_4N41Y515_15_73D10U5_<unique_code>}

transposition-trial (100 pts)

Basically we gotta rotate every three consecutive letters. Here’s my python code for the purpose:

Decoded text: The flag is picoCTF{7R4N5P051N6_15_3XP3N51V3_A9AFB178}

Flag: picoCTF{7R4N5P051N6_15_3XP3N51V3_<unique_code>}

Vigenere (100 pts)

It is the Vigenere cipher and we can easily find an online tool for decryption. Go to https://www.dcode.fr/vigenere-cipher and also don’t forget to use the key mentioned in the challenge question: CYLAB

Flag: picoCTF{D0NT_US3_V1G3N3R3_C1PH3R_<unique_code>}

diffie-hellman (200 pts)



Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store