Room: Advent of Cyber
Difficulty: Beginner
“You think the Christmas Monster is intercepting and reading your messages! Elf Alice has sent you an encrypted message. It’s your job to go and decrypt it!”
Question #1 What is the md5 hashsum of the encrypted note1 file?
For this challenge we get a couple files to download. They are encrypted, so, for example, if you open up the first file you will just see a string of text in different languages/symbols:
ඌ܄ȃ檊驟퉠ů拎虐쩆⊁䧔ው鳸谴Г㊩돏蠻䙞ඌ倗匜崁㫵ﲿ元悏붩債N紿㏼⒞⤩ꛁꍲԢማ궴�꺅�鑼�뫏냜ᦓ⽗쬷狂켗覻驢緙֢
I picked a few out and threw them in Google translate for fun. I found the Korean symbol for “Boo” , the Chinese symbol for “Sudden” and a some others.
The question just wants the md5 hashsum for note1, so that’s easy enough:
md5sum <file path>
Question #2 Where was elf Bob told to meet Alice?
If you look at the extension on the first note, you can see .gpg at the end. This stands for GNU Privacy Guard, which is free software based on OpenPGP and PGP, used to encrypt/decrypt things using an AES algorithm and public/private keys.
Reading through the source information that came with the question is a good idea if you would like to learn a bit more.
If you have the key (which we do), it’s simple to open up the file via command line.
The -d means to decrypt:
gpg -d <file path>
Then the secret message is revealed:
Question #3 Decrypt note2 and obtain the flag!
We are provided another hint for this question:
This winds up being pretty simple since we already have the private key and the correct syntax from the source material:
openssl rsautl -decrypt -inkey <private.key> -in <encrypted.txt> -out <plaintext.txt>
And there we have it! A quick one today, which is nice, since my brain is still recovering from the OSINT challenges from this past weekend’s DownUnderCTF.
Happy Hacking! ❤
