picoCTF - Cryptography - credstuff

Pascal Peinecke published in crypto picoctf

2022-04-06 477 words 3 minutes

Contents

Cryptography - credstuff - writeup

description

We found a leak of a blackmarket website’s login credentials. Can you find the password of the user cultiris and successfully decrypt it? Download the leak here. The first user in usernames.txt corresponds to the first password in passwords.txt. The second user corresponds to the second password, and so on.

writeup

let’s write a python program that finds the corresponding password for the user ‘cultiris’

According to the task description the n-th user corresponds to the n-th password.

So my task here is to find the position of the user ‘cultiris’ in the file ‘usernames.txt’ and find the password with the same position in the file ‘passwords.txt’

Here is the program I came up with:

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
#!/usr/bin/env python3

username="cultiris"
username_file="leak/usernames.txt"
password_file="leak/passwords.txt"

# find position of cultiris in file leak/usernames.txt
def search_string_in_file(file_name, string_to_search):
    """Search for the given string in file and return lines containing that string,
    along with line numbers"""
    line_number = 0
    list_of_results = []
    # Open the file in read only mode
    with open(file_name, 'r') as read_obj:
        # Read all lines in the file one by one
        for line in read_obj:
            # For each line, check if line contains the string
            line_number += 1
            if string_to_search in line:
                # If yes, then add the line number & line as a tuple in the list
                list_of_results.append((line_number, line.rstrip()))
    # Return list of tuples containing line numbers and lines where string is found
    return list_of_results

print(search_string_in_file(username_file, username))

# running this code so far we found the username 'cultiris' on line 378

# lets extract line 378 of the file leak/passwords.txt

lines = []                             		 # Declare an empty list named lines.
with open ('leak/passwords.txt', 'rt') as psswd_file: # Open leak/passwords.txt for reading text data.
    for line in psswd_file:                	 # For each line, stored as line,
        lines.append(line)           		 # add its contents to lines.
                          		
# now just print out line 378 to find the correct password
# for the user cultiris
# the index is 377 because arrays start at 0
print(lines[377])

Using my python program I found the username ‘cultiris’ on line 378:

1
[(378, 'cultiris')]

So all I have to do now is to extract line 378 of the file ‘passwords.txt’.

I got this:

1
cvpbPGS{P7e1S_54I35_71Z3}

This seems to be encrypted

We need a hint on how to solve this…

Let’s take a look at the passwords.txt file:

If I search the file for the term ‘pico’, I found this line:

1
pICo7rYpiCoU51N6PicOr0t13

I think that could be a hint to use ROT13 to decrypt the flag!

So let’s try to rotate each character by 13 position using ROT13:

1
picoCTF{C7r1F_54V35_71M3}

That is our flag!

Awesome!