Author: @aenygma

Category: Cryptography

Challenge:

A simple message for you to decipher:

squiqhyiiycfbudeduutvehrhkjki

Submit the original plaintext hashed with MD5, wrapped between the usual flag format: flag{}.

Example: If the deciphered text is "hello world", the MD5 hash would be 5eb63bbbe01eeed093cb22bb8f5acdc3, and the flag would be flag{5eb63bbbe01eeed093cb22bb8f5acdc3}.

Step 1: Analyzing the Cipher

The message looked like random characters at first. However, the challenge title, No need for Brutus, hinted that brute-forcing wasn’t the solution. This made me suspect a simple encryption or transposition cipher.

Here are the clues:

• No need for Brutus likely indicates it’s not Caesar cipher (which is a shift cipher Brutus famously used).
• The string length is 29 characters, which made me consider a columnar or rail fence transposition.

Step 2: Solving the Cipher

Given the hint and the length of the ciphertext, I tried rearranging the text using a Rail Fence Cipher. This cipher splits the message into multiple rails (lines), then reads them diagonally to create the plaintext.

Using 2-rail decryption was the key:

s u q i q h y i i y c f b u d e d u u t v e h r h k j k i

When read in a zig-zag pattern (down and up diagonally), it gave:

supersecretkeyhiddenbyjulius

Step 3: Hashing the Deciphered Text

The challenge required submitting the MD5 hash of the original plaintext wrapped in the flag{} format.

• Plaintext: supersecretkeyhiddenbyjulius
• MD5 Hash:

import hashlib

plaintext = "supersecretkeyhiddenbyjulius"
result = hashlib.md5(plaintext.encode()).hexdigest()
print(result)
    

MD5 Hash Output: cc345b0da7ed62fb50f37a5cf6beabd3

Step 4: Submitting the Flag

The final flag is:

flag{cc345b0da7ed62fb50f37a5cf6beabd3}

Conclusion

This was a fun challenge that highlighted the importance of recognizing transposition ciphers. The hint about Brutus was a clever way to steer us away from common shift ciphers like Caesar and focus on rail fence methods.