top of page
cosmodiumcs.png
  • Writer's pictureC0SM0

Wow!

// A Space Heroes CTF 2022 Challenge...


Hey Hackers! Here is a write up from the "Wow Signal" challenge from Space Heroes CTF 2022. I will attach a video write up of the challenge below just in case if you are more of a visual learner ;)

 
 

// Analyzing Photos:

The CTF starts by giving us two images, a "signal.png" and a "woah.png".

The signal.png file gives us context behind the challenge and its association with The Wow Signal. The woah.png was an image of encrypted text. Lied within this image was our flag. We could easily identify it due to its formatting.


// Identifying Known Plaintext:

In Cosmodium's Breaking Ciphers course, we teach a popular concept in cryptography where we can break ciphers simply by knowing part of the plaintext. In this case, we know the flag starts with "SHCTF" because every flag starts with those five letters and is followed by two curly braces "{}". So every time we see the encrypted characters that represent "s", "h", "c", "t", or "f", we can replace them with the appropriate letters.

We can assume that the three characters after the encrypted "SHCTF" are "wow" due to the name of the challenge and the how those encrypted characters are formatted. We can actually decrypt other characters in our ciphertext by matching the our decrypted characters and solving for other words. Here is an example provided by Shepherd below.


// Python For The Win:

After some time, I started to get lazy. I was tired of trying to manually identify new words to decrypt our flag. So what I ended up doing was using Python to generate the remaining possibilities of our flag.

alphabet = 'abdgjklmnpqruvxyz'

for char in alphabet:
    for let in alphabet:
        flag = f'wow_its_the_{char}artia{let}s'
        print(flag)

I went through the output of the code and came across this section in my terminal.

I discovered "shctf{wow_its_the_martians}" and submitted the flag. Thanks for reading, and as always,


Happy Hacking!


// Socials:

© 2022 by Cosmodium CyberSecurity LLC

128 views0 comments

Recent Posts

See All

Комментарии


bottom of page