OWASP-LPU CTF: What’s Hiding
Welcome to the Write-up. From we almost got nothing so left with the Special Box
By Unzipping the file i got the file
It looks like a mirror text and decrypting is saying this is just a image nothing got useful from here. By doing the exif on the image got some interesting fields
We could see the Copyright, UserComment and Ownername Looks similar with the help of Hint you can arrange like
By arranging it we got
avaxd vdvxd vxvad xavxa vfaaa ddffd fafga dffaa fggdg fdaaf daffd ffadf favff afaaf aadaa dvaaf avadd dvfad dfvvv aaddd fgada dafgf gdfgf adavf fdddv fvava aavfv vvxvf dxxvx vgdad fdfda gfvdf aafgd dgfga aadva avava vavvx xvxdd fagav vadvx fxdfa faagd vvvax vxadv vavfv dafaf dddxd addvv agvxa aaada fgaff adfaf fgfaf adaaa afvxv dadvd vdgda gavax vvadd fagaf ffafa fgdgd adgff daaff fffaa aafaa adaad gfdfa dadfd dggdv afafd dffga afafa dfadg gavfa ddvfd avxvv addvv aadgg f
This is the Final text we got now I need to analyze this file it looks like adfgvx-cipher tried to decrypt
We need an exact key for that to solve
Again went to the folder and checked found some Hidden files in the Directory
Opening that TMP folder returns us with two files
These two are the files now one is TIC TAC CODE and another one is Chinese CODE
Decrypting the two files got
Merging them both gives us the LPUOWASPISTHEKEY passing in the key feild gives us
Now we got something like
hotelthreelimalimazeropapafourromeotangoonecharlieonepapaalphanovembertangohotelzerowhiskeyfourromeothreeyankeezerouniformfoxtrotonenovemberfourlimalimayankeeyankeezerouniformdeltaonedeltaindiatango
Here if we could see it is like first letter one
like
hotel — h
three — 3
lima — l
lima — l
zero — 0
………………..
by decrypting this way we get h3ll0p4rt1c1panth0w4r3y0uf1n4llyy0ud1dit
writing in the flag format and in snake case we get Here comes the final flag
OWASPLPU{h3ll0_p4rt1c1pant_h0w_4r3_y0u_f1n4lly_y0u_d1d_it
Thanks for Reading
Likhith Kanigolla
#HappyHacking