Description: A second message has come in the mail, and it seems almost identical to the first one. Maybe the same thing will work again.
Difficulty: Medium
Author: Will Hong
Summary
This challenge presents another ciphertext that appears very similar to substitution2, suggesting that the same underlying technique, monoalphabetic substitution, is once again the solution. Even though the message is compact and lacks punctuation, classical substitution analysis still works perfectly.
Analysis
We are given the file message.txt :
$ file message.txtmessage.txt: ASCII text, with very long lines (638), with no line terminatorsAnd its content :
ZWDg (gejfw djf zacwpfx wex dqar) afx a wscx jd zjicpwxf gxzpfbws zjicxwbwbjv. Zjvwxgwavwg afx cfxgxvwxm hbwe a gxw jd zeaqqxvrxg hebze wxgw wexbf zfxawbybws, wxzevbzaq (avm rjjrqbvr) gnbqqg, avm cfjtqxi-gjqybvr atbqbws. Zeaqqxvrxg pgpaqqs zjyxf a vpitxf jd zawxrjfbxg, avm hexv gjqyxm, xaze sbxqmg a gwfbvr (zaqqxm a dqar) hebze bg gptibwwxm wj av jvqbvx gzjfbvr gxfybzx. ZWDg afx a rfxaw has wj qxafv a hbmx affas jd zjicpwxf gxzpfbws gnbqqg bv a gadx, qxraq xvybfjvixvw, avm afx ejgwxm avm cqasxm ts iavs gxzpfbws rfjpcg afjpvm wex hjfqm djf dpv avm cfazwbzx.Djf webg cfjtqxi, wex dqar bg: cbzjZWD{DF3LP3VZS_4774ZN5_4F3_Z001_4871X6DT}The ciphertext is continuous text with no spacing, making it visually harder to read, but still vulnerable to frequency analysis.
Solution
To decode this efficiently, we load the ciphertext into: Mono-alphabetic Substitution
The tool performs frequency analysis and heuristic reconstruction to rebuild natural English from the continuous letter stream.
After processing, we obtain the fully decrypted plaintext:
CTFS (SHORT FOR CAPTURE THE FLAG) ARE A TYPE OF COMPUTER SECURITY COMPETITION. CONTESTANTS ARE PRESENTED WITH A SET OF CHALLENGES WHICH TEST THEIR CREATIVITY, TECHNICAL (AND GOOGLING) SKILLS, AND PROBLEM-SOLVING ABILITY. CHALLENGES USUALLY COVER A NUMBER OF CATEGORIES, AND WHEN SOLVED, EACH YIELDS A STRING (CALLED A FLAG) WHICH IS SUBMITTED TO AN ONLINE SCORING SERVICE. CTFS ARE A GREAT WAY TO LEARN A WIDE ARRAY OF COMPUTER SECURITY SKILLS IN A SAFE, LEGAL ENVIRONMENT, AND ARE HOSTED AND PLAYED BY MANY SECURITY GROUPS AROUND THE WORLD FOR FUN AND PRACTICE.FOR THIS PROBLEM, THE FLAG IS: PICOCTF{FR3QU3NCY_4774CK5_4R3_C001_4871E6FB}
From here, at the very end, we can see the flag already.
β‘ Raikiriπ Flag pwned!
Some substitution solvers occasionally mix up mappings when two letters have nearly identical frequency patterns.
In this ciphertext, J and Q were swapped in the raw solver output, producing: PICOCTF{FR3JU3NCY_4774CK5_4R3_C001_4871E6FB}
But logically, the correct flag is: PICOCTF{FR3QU3NCY_4774CK5_4R3_C001_4871E6FB}
π‘ TL;DR / Lesson LearnedChallenge uses a monoalphabetic substitution cipher.
Feed ciphertext into DCODEβs solver β plaintext recovers almost instantly.
Solver swapped J and Q, but context makes the correction obvious.