Summary#

This challenge introduces the concept of basic text encoding and substitution ciphers. You’re given an encoded flag file named enc_flag and need to uncover its hidden message.

You can solve it using online tools like cyberchef and dcode.fr

Analysis#

First we identify the file type:

1
$ file enc_flag
2
enc_flag: ASCII text

It’s plain ASCII text, so let’s open it. The file contains:

1
YidkM0JxZGtwQlRYdHFhR3g2YUhsZmF6TnFlVGwzWVROclh6ZzJhMnd6TW1zeWZRPT0nCg==

Base64 is a binary-to-text encoding scheme that converts binary data into ASCII characters. It’s commonly used to encode data for safe transmission over text-based protocols. Base64 strings often end with = or == as padding. Read more about base64

Stage 1#

The trailing == suggests Base64 encoding. Let’s verify this.

So we decode it. You can use base64 locally or an online tool like CyberChef. Decoding the first layer gives:

which is b'd3BqdkpBTXtqaGx6aHlfazNqeTl3YTNrXzg2a2wzMmsyfQ=='

Stage 2#

This looks like a Python bytes literal (b'...'), the actual Base64 payload is the inner string: d3BqdkpBTXtqaGx6aHlfazNqeTl3YTNrXzg2a2wzMmsyfQ==

Decode that second Base64 layer and we get: wpjvJAM{jhlzhy_k3jy9wa3k_86kl32k2}

Stage 3#

Now this looks familier the challenge mod 26

To recover the flag, I performed a simple Caesar shift (mod 26) brute force over all 26 shifts. The correct shift was 19.

⚡ Raikiri

🎉 Flag pwned! The ciphertext has been decoded successfully.

💡 TL;DR / Lesson Learned

Double Base64 → ROT cipher → Flag recovered.
Always check for multiple layers of encoding, even in simple CTF files.
Don’t rely on simple encodings for real-world security!