c4ptur3-th3-fl4g Walkthrough
Introduction {Spoiler …………… Flags ahead}
Challenge Name: c4ptur3-th3-fl4g
Difficulty: Easy–Medium
Category: Cryptography, Hash Cracking, Steganography
Description: In this CTF, we explore a variety of encoding, hashing, and steganography techniques that test your ability to recognize and decode common formats.
Objective: Search the web, identify the encoding methods, and extract hidden messages.
Task 1: Translation and Shifting
This section tests your understanding of basic encoding and cipher techniques such as ROT, Base encodings, and Morse code.
Task 1-1: Leet (l33t)
Cipher:
1
2
3
c4n y0u c4p7u23 7h3 f149
Solution:
Leetspeak replaces certain letters with numbers or symbols (e.g., 4 → a, 0 → o, 7 → t, 3 → e).
Decoding it manually or using an online converter gives:
Answer: can you capture the flag
Task 1-2: Binary to ASCII
Cipher:
1
2
3
01101100 01100101 01110100 01110011 00100000 01110100 01110010 01111001 00100000 01110011 01101111 01101101 01100101 00100000 01100010 01101001 01101110 01100001 01110010 01111001 00100000 01101111 01110101 01110100 00100001
Solution:
Paste this into any binary-to-text converter.
Answer: lets try some binary out!
Task 1-3: Base32
Cipher:
1
2
3
MJQXGZJTGIQGS4ZAON2XAZLSEBRW63LNN5XCA2LOEBBVIRRHOM======
Solution: Use a Base32 decoder tool.
Answer: base32 is super common in CTF’s
Task 1-4: Base64
Cipher:
1
2
3
RWFjaCBCYXNlNjQgZGlnaXQgcmVwcmVzZW50cyBleGFjdGx5IDYgYml0cyBvZiBkYXRhLg==
Solution: Decode using a Base64 converter.
Answer: Each Base64 digit represents exactly 6 bits of data.
Task 1-5: Hex to ASCII
Cipher:
1
2
3
68 65 78 61 64 65 63 69 6d 61 6c 20 6f 72 20 62 61 73 65 31 36 3f
Solution: Use a hex-to-text converter.
Answer: hexadecimal or base16?
Task 1-6: ROT13
Cipher:
1
2
3
Ebgngr zr 13 cynprf!
Solution: Apply a ROT13 shift.
Answer: Rotate me 13 places!
Task 1-7: ROT47
Cipher:
1
2
3
*@F DA:? >6 C:89E C@F?5 323J C:89E C@F?5 Wcf E:>6DX
Solution: Decode using a ROT47 converter.
Answer: You spin me right round baby right round (47 times)
Task 1-8: Morse Code
Cipher:
1
2
3
– . .-.. . -.-. — — — . .- -. .. -.-. .- – .. — -. . -. -.-. — -.. .. -. –.
Solution: Use a Morse code decoder.
Answer: telecommunication encoding
Task 1-9: BCD to ASCII
Cipher:
1
2
3
85 110 112 97 99 107 32 116 104 105 115 32 66 67 68
Solution: Convert Binary-Coded Decimal to ASCII.
Answer: Unpack this BCD
Task 1-10: Multiple Cipher
This one combines multiple encodings from previous tasks. Decode each layer in sequence.
Answer: Let’s make this a bit trickier…
Task 2: Hashes
These tasks explore common hash types used in cybersecurity. You can use online hash databases like md5decrypt.net or hashes.com.
Task 2-1: MD2
Hash:
1
2
3
39d4a2ba07e44421c9bedd54dc4e1182
Answer: MDwhat?
Task 2-2: MD4
Hash:
1
2
3
e0418e7c6c2f630c71b2acabbcf8a2fb
Answer: digest the message algorithm
Task 2-3: MD5
Hash:
1
2
3
efbd448a935421a54dda43da43a701e1
Answer: 128-bit of delicious hash values
Task 2-4: NTLM
Hash:
1
2
3
11FE61CE0639AC2A1E815D62D7DEEC53
Answer: Microsoft has encryption?
Task 2-5: SHA512
Hash:
1
2
3
a361f05487b879f25cc4d7d7fae3c7442e7849ed15c94010b389faafaf8763f0dd022e52364027283d55dcb10974b09e7937f901584c092da65a14d1aa8dc4d8
Answer: 1024 bit blocks!
Task 2-6: SHA256
Hash:
1
2
3
d48a2f790f7294a4ecbac10b99a1a4271cdc67fff7246a314297f2bca2aaa71f
Answer: Commonly used in Blockchain
Task 2-7: SHA1
Hash:
1
2
3
a34e50c78f67d3ec5d0479cde1406c6f82ff6cd0
Answer: The OG
Task 3: Spectrogram
In this task, you analyze a sound file using spectrogram visualization tools like Audacity or WavePad.
Open the audio file and apply the TFFT (spectrogram) view. A secret message will be revealed within the frequency pattern.
Answer: Super Secret Message
Task 4: Steganography
Use steghide to extract hidden files from an image.
1
steghide extract -sf stegosteg.jpg
After extraction, a hidden file appears:
Output:
1
wrote extracted data to "steganopayload2248.txt".
Task 5: What’s Inside the File?
Open the extracted .txt file in any text editor. The answer lies in the last few lines:
Answer (Task 5-1): hackerchat.png Answer (Task 5-2): AHH_YOU_FOUND_ME!
Conclusion
The c4ptur3-th3-fl4g challenge offers an excellent hands-on introduction to classical ciphers, hash cracking, and steganography. It’s a great reminder that most CTF puzzles can be solved by pattern recognition, research, and knowing where to look online.
```