SHA2017 Junior CTF - All about the Base

We found this encoded message. Can you decode it?

Files: Download Points: Crypto 1
Useful tools: base64 echo Tags: beginner crypto

Show Solution …

This challenge gives the following ciphertext to analyze:

V2VsbCBkb25lLAoKdGhpcyBmaWxlIGlzIGVuY3J5cHRlZCB3aXRoIEJhc2U2NC4gT2Z0ZW4gdXNl
ZCBpbiBDVEYncyB0byBkaXNwbGF5IGJpbmFyeSBkYXRhIGluIGEgbW9yZSBmcmllbmRseSB3YXku
IAoKVGhlIGZsYWcgZm9yIHRoaXMgY2hhbGxlbmdlIGlzIGZsYWd7YjNlOWMzZWVlNjA5YmFjNDZm
YWQ0NDM5Y2YzMjFmZTV9Cg==

If you have seen Base64 encoding before, you will immediately know that is what this is. Base64 encoding is very common to see and is extensively used in CTFs to obscure text. If this is new to you, take note of the pattern. You see a highly random grouping of uppercase, lowercase, and numbers, finally ending with two = signs. These are the telltale indicators of a Base64 encoded string. The = signs at the end are optional; there could be anywhere between 0-2 of them, and they will only ever appear at the end (they are used for padding). There are no other symbols anywhere in the rest of the string (though the occassional “+” and “/” is also acceptable if you see those).

Now that we identified this as being Base64 encoded, all we need to do is decode it. Since this is an encoding, there is no key to be concerned with, hence we are decoding not decrypting. Any web-based decoder will be fine, or you can use Linux to do the same thing. Just remember this is all one long encoded string, not four encoded strings. You’ll need to combine them first.

$ echo V2VsbCBkb25lLAoKdGhpcyBmaWxlIGlzIGVuY3J5cHRlZCB3aXRoIEJhc2U2NC4gT2Z0ZW4gdXNlZCBpbiBDVEYncyB0byBkaXNwbGF5IGJpbmFyeSBkYXRhIGluIGEgbW9yZSBmcmllbmRseSB3YXkuIAoKVGhlIGZsYWcgZm9yIHRoaXMgY2hhbGxlbmdlIGlzIGZsYWd7YjNlOWMzZWVlNjA5YmFjNDZmYWQ0NDM5Y2YzMjFmZTV9Cg== | base64 -d
Well done,
this file is encrypted with Base64. Often used in CTF's to display binary data in a more friendly way.
The flag for this challenge is flag{b3e9c3eee609bac46fad4439cf321fe5}

The flag for this challenge is flag{b3e9c3eee609bac46fad4439cf321fe5}

Review & Lessons Learned

If you see a highly random grouping of uppercase, lowercase, numbers, and 0-2 = at the end with no other symbols (besides maybe + or /), you should instantly recognize it as a Base64 encoded string. Always decode it when you see it; you will see these over and over again.

Read More

Analysis of Apache Guacamole

### OverviewThis post will be focusing on an analysis of Apache Guacamole's web traffic. From their website:> Apache Guacamole is a clien...… Continue reading

SHA2017 Junior CTF - Rotation

Published on August 14, 2017

Welcome!

Published on August 12, 2017