This challenge was actually pretty fun and I'm really proud that I managed to get this one with minimal help. The link, dance.wpictf.xyz simply redirects to a RickRoll - very confusing at first, as there can't possibly any data there ... or can there?
Let's take a peek at the headers of the link.
$ curl -I https://dance.wpictf.xyz
HTTP/2 302
server: nginx/1.13.12
date: Sun, 15 Apr 2018 19:40:01 GMT
content-type: text/html; charset=utf-8
content-length: 309
location: https://www.youtube.com/watch?v=dQw4w9WgXcQ#t=0m09s
set-cookie: flag=E1KSn2SSktOcG2AeV3WdUQAoj24fm19xVGmomMSoH3SuHEAuG2WxHDuSIF5wIGW9MZx=; Path=/
set-cookie: Julius C.="got good dance moves."; Path=/
strict-transport-security: max-age=31536000
The flag
cookie is very suspicious. I assumed it to be base64 encoded, given the =
at the end. However, it decodes to some nonsense binary data, and doesn't translate to a utf-8
string. I took a shot at doing ROT13, but yielded similar results.
Looking more closely at the second cookie, Julius C.
we can see that there's a hint at a Caesar cipher. I wrote the attached decode.py
to cycle through all the cipher possibilties. The output of the script is as follows.
Deciphering ROT1
Invalid
Deciphering ROT2
Invalid
Deciphering ROT3
Invalid
Deciphering ROT4
WPI{bInAm_do3sn,t_kn0w_h1w_t2_creaTe_chaIIenges}
Deciphering ROT5
Invalid
Deciphering ROT6
Invalid
Deciphering ROT7
Invalid
Deciphering ROT8
Invalid
Deciphering ROT9
Invalid
Deciphering ROT10
Invalid
Deciphering ROT11
Invalid
Deciphering ROT12
Invalid
Deciphering ROT13
Invalid
Deciphering ROT14
Invalid
Deciphering ROT15
Invalid
Deciphering ROT16
Invalid
Deciphering ROT17
Invalid
Deciphering ROT18
Invalid
Deciphering ROT19
Invalid
Deciphering ROT20
Invalid
Deciphering ROT21
Invalid
Deciphering ROT22
Invalid
Deciphering ROT23
Invalid
Deciphering ROT24
Invalid
Deciphering ROT25
Invalid
We now know there was a 4-letter rotation in the cipher, and the flag was WPI{bInAm_do3sn,t_kn0w_h1w_t2_creaTe_chaIIenges}
.
Thanks for the challenge, Binam!