THM-c4ptur3-th3-fl4g-Writeup
A beginner level CTF challenge
Task 1 Translation & Shifting
1. Message One
This first encoded message is in “leetspeak” which simply converts some letters with numbers.
2. Message Two
For the rest of these messages we will be using CyberChef to translate the messages. Based on the fact that the message is made up of eight 0s and 1s we know that it’s binary. Plugging it into CyberChef and using the “From Binary” recipe we can decode the message.
Translating the binary
3. Message Three
Figuring out what kind of encoding has been used can sometimes be difficult. For Base numbers, here’s a guide. We can recognize this as Base32 and run it through CyberChef.
Translating the Base32
4. Message Four
This looks similar to Base32, but has a 0 so it can’t be. This is Base64. We run it through CyberChef to get our answer.
Translating the Base64
5. Message Five
This message is made up of two characters separated by a space. This is hexadecimal, also known as Base16.
Translating the Base16
6. Message Six
This looks like a Caesar cipher. This particular cipher is known as ROT13, which rotates the letters 13 places forward. Rotating 13 places forward again results in the decryption.
Translating ROT13
7. Message Seven
This looks very different from the last message, but it is actually quite similar. It is ROT47 which includes some different characters than ROT13 but is from the same family.
Translating ROT47
8. Message Eight
This one is pretty easily recognizable. It’s Morse code, which we can tell because it is made up of dots and dashes.
Translating Morse code
9. Message Nine
This looks similar to the Base16 (hexadecimal) encoding we saw earlier, except some have 3 characters and there are no letters. This is decimal, which is the same system we use for counting.
Translating decimal
10. Message Ten
This message is incredibly long but ends with an ‘=’ which means it’s probably Base32 or Base64. Let’s run it through CyberChef as Base64. We get a long string of Morse code in return.
First translation
Now we can translate it from Morse code, which gets us binary.
Second translation
Let’s translate it from binary.
Third translation
This looks strange, let’s try ROT47.
Fourth translation
We are left with decimal numbers which, when decoded, give us the final answer.
Final translation
Task 2: Spectrograms
1. Spectrogram
If we listen to the downloaded file, it sounds like random beeping noises. We can upload the file to a website like dcode.fr to see the hidden message inside.
Seeing the hidden message
Task 3: Steganography
1. Decode the image to reveal the answer.
We can download the file and use different programs to find something. I prefer to use Aperi’Solve because it runs a bunch of different steganography tools very quickly. Steghide finds a text file in the image.
Aperi’Solve finding a text file
We can download and extract this data. We find the answer in the text file.
Answer in text file
Task 4: Security through obscurity
1. Download and get ‘inside’ the file. What is the first filename & extension?
We can run the image through Aperi’Solve again to see what’s inside the file. If we look at the strings output, we see the name of an image.
Image name in strings
2. Get inside the archive and inspect the file carefully. Find the hidden text.
This is directly above the name of the image in strings.
And that’s the room. We have found every flag by decoding messages, analyzing a spectrogram, and using different types of steganography. I hope this writeup could be helpful in completing the room! If you are still struggling, please leave a comment or message me on Twitter and I will try my best to assist!
I liked this room. It’s a good introduction to different cryptographic concepts and makes good practice for those who already know it. I would recommend it to anyone wanting to learn about basic cryptography.
