Houseplant CTF Write Up Part 2

Houseplant CTF front page

Welcome to Part 2! This part will covers some of the Cryptography challenges I did with our Team ZH3R0 for Houseplant CTF organized by RiceTeaCatPanda CTF Team.

If you haven’t checked the first part, check it out below,

Houseplant CTF Write Up Part 1

Let’s get started!

11 — Cryptography Challenge 1

I wrote a quick script, would you like to read it? — Delphine

(doorbell rings)
delphine: Jess, I heard you’ve been stressed, you should know I’m always ready to help!
Jess: Did you make something? I’m hungry…
Delphine: Of course! Fresh from the bakery, I wanted to give you something, after all, you do so much to help me all the time!
Jess: Aww, thank you, Delphine! Wow, this bread smells good. How is the bakery?
Delphine: Lots of customers and positive reviews, all thanks to the mention in rtcp!
Jess: I am really glad it’s going well! During the weekend, I will go see you guys. You know how much I really love your amazing black forest cakes.
Delphine: Well, you know that you can get a free slice anytime you want.
(doorbell rings again)
Jess: Oh, that must be Vihan, we’re discussing some important details for rtcp.
Delphine: sounds good, I need to get back to the bakery!
Jess: Thank you for the bread! ❤

Dev: Delphine

edit: This has been a source of confusion, so: the code in the first hint isn’t exactly the method to solve, but is meant to give you a starting point to try and decode the script. Sorry for any confusion.

Hint! I was eleven when I finished A Series of Unfortunate Events.

Hint! Flag is in format:

rtcp{.*}

add _ (underscores) in place of spaces.

Hint! Character names count too

This is a fairly a simple cipher that can be manually broken. So, what cipher is this?

During the event the first thing I did was google the hint, as it looked like some sort of book.

Google search of A Series Of Unfortunate Events

And we got a hit! But this didn’t give me a lot of information as to how to solve the challenge. I then searched for “A Series Of Unfortunate Events Cipher”, which landed me on a page which said about Sebald cipher.

Apparently this is a popular cipher used in that movie and some other movies too.

How does a Sebald cipher work?

A keyword mostly variations of “rings”, “bell” or “ringing” starts and ends the cipher just like the flower brackets used in programming. The encoded text can be inside a paragraph, a dialogue conversation, etc.

To find the decoded text one must count the first word immediately after the keyword and every 11th word from it until the next keyword occurs. This will result in the final decoded text. For example check the solution.

I tried to count the words as to how the cipher must be solved, but this had some modification. So, instead of counting from the word immediately followed by the keyword and all the 11th word from it where the result would be,

“delphine always Delphine…” and so on.

Note:- As the hint suggested the speakers name must be counted.

But the final result didn't make sense.

Solution

So, to get the flag you would need to count from the 11th word from the keyword rather than from the word immediately starting from it. And the final result would be as such,

(doorbell rings)
delphine: Jess, I heard you’ve been stressed, you should know I’m always ready to help!
Jess: Did you make something? I’m hungry…
Delphine: Of course! Fresh from the bakery, I wanted to give you something, after all, you do so much to help me all the time!
Jess: Aww, thank you, Delphine! Wow, this bread smells good. How is the bakery?
Delphine: Lots of customers and positive reviews, all thanks to the mention in rtcp!
Jess: I am really glad it’s going well! During the weekend, I will go see you guys. You know how much I really love your amazing black forest cakes.
Delphine: Well, you know that you can get a free slice anytime you want.
(doorbell rings again)

I’m hungry give me bread and I will love you

Format the sentence and you would get the flag.

Flag — rtcp{I’m_hungry_give_me_bread_and_I_will_love_you}

Post-Homework Death — Cryptography Challenge 2

My math teacher made me do this, so now I’m forcing you to do this too.

Flag is all lowercase; replace spaces with underscores.

Dev: Claire

Hint! When placing the string in the matrix, go up to down rather than left to right.

Hint! Google matrix multiplication properties if you’re stuck.

Download challenge file — posthomeworkdeaths.txt

This is a simple high school math-related problem of Matrix Multiplication and a simple substitution cipher called Letter Number (A1Z26). If you know how to manipulate Matrix and Multiply them then this is easy as pie.

The given file contains two important things we require to solve the challenge, the decoding matrix and the string matrix. So, let’s get to the solution.

To know more about matrix please google on Matrix Multiplication.

Solution

As the hint mentioned place the numbers below the string in the matrix from up to down giving you a 3x7 matrix like this.

String-
37 34 160 58  66 143 11
36 27 237 110 93 210 33
-1 -7 56  44  22  49 22

and the 3x3 decoding matrix,

decoding matrix-
1.6  -1.4  1.8
2.2  -1.8  1.6
-1     1    -1

multiplying both matrix in the given order string matrix * decoding matrix to get the final product as a 3x7.

Product-
7   4  25  18  15  23  11
15 15  15  0   13  15   0
0   0  21  8   5   18   0

This is another cipher called Letter Number (A1Z26) Cipher we must again solve.

In this cipher the numbers are substituted with letters, no not ASCII values, just simple A=1;B=2, etc, and solving it from up to down considering 0 as space gives you,

go do your homework

Format it and you get the flag.

Flag — rtcp{go_do_your_homework}

[To Be DONE! ;)]

Sizzle — Cryptography Challenge 4

Due to the COVID-19 outbreak, we ran all out of bacon, so we had to use up the old stuff instead. Sorry for any inconvenience caused…

Dev: William

Hint! Wrap your flag with rtcp{}, use all lowercase, and separate words with underscores.

Hint! Is this really what you think it is?

Download challenge file — encoded.txt

This was a fairly easy challenge. This challenge is based upon a simple substitution cipher called Bacon Cipher which in the given file looks like Morse Code. But remember that Morse Code doesn’t exceed 4 characters for alphabets and 5 characters for digits.

Tip:- While decoding something which looks like a Morse Code if u get ‘#’, ‘$’, ‘%’ or something similar repeatedly in the website you decode, it may mean that they had an error decoding it. Thus, it could mean that it isn't even Morse Code in the first place you were trying to decode. If so, try out other variations of Morse Code like Fractionated Morse, etc.

How does Bacon Cipher work?

Bacon Cipher works with any two characters and a particular coded set for each alphabet, numbers. It doesn't matter if the characters are alphabets or numbers, you could always substitute the characters with any thing you like.

The below table has a few examples with different pair of characters

Letter    Encoded Set Types        Letter    Encoded Set Types
A         aaaaa   00000   .....    N         abbab   01101   .--.-
B         aaaab   00001   ....-    O         abbba   01110   .---. 
C         aaaba   00010   ...-.    P         abbbb   01111   .----
D         aaabb   00011   ...--    Q         baaaa   10000   -....
E         aabaa   00100   ..-..    R         baaab   10001   -...-
F         aabab   00101   ..-.-    S         baaba   10001   -..-.
G         aabba   00110   ..--.    T         baabb   10011   -..--
H         aabbb   00111   ..---    U         babaa   10011   -.-..
I         abaaa   01000   .-...    V         babab   10101   -.-.-
J         abaab   01001   .-..-    W         babba   10110   -.--.
K         ababa   01010   .-.-.    X         babbb   10111   -.---
L         ababb   01011   .-.--    Y         bbaaa   11000   --...
M         abbaa   01100   .--..    Z         bbaab   11000   --..-

Solution

Encoded text-
....- ..... ...-. .--.- .--.. ....- -..-- -..-. ..--. -.... .-... .-.-. .-.-. ..-.. ...-- ..... .--.. ...-- .-.-- .--.- -.... -...- .-... ..-.- .-... ..-.. ...--

Copying the encoded text to any online decoder and decoding it gives the following text,

baconbutgrilledandmorsified

Format it and you get the flag.

Flag — rtcp{baconbutgrilledandmorsified}

Broken Yolks — Cryptography Challenege 5

Fried eggs are the best.
Oh no! I broke my yolk… well, I guess I have to scramble it now.

Ciphertext: smdrcboirlreaefd

Dev: Delphine

Hint! words are separated with underscores

This is by far the easiest cipher to solve. This was a simple children’s game.

As said in the challenge description this is a scrambled sentence.

Solution

The first thing i did was put it on an online scrambler to solve it, but it didn't return anything useful. After some time of scratching my head, I noticed that the ciphertext contained the word “scrambled” in it, isolating that word from the text gave me,

scrambled.......oirrefd

What do you see? You can immediately notice the other two words being,

scrambled or fried

Format it resulting text and we got the flag.

Flag — rtcp{scrambled_or_fried}

And that concludes the write up of cryptography challenge I did. In the next part I will be talking about some interesting challenge you wouldn't have even heard about. Check out my fellow teammates write up below,

Houseplant CTF Writeup

Writeup for Rivest Shamir Adleman (Crypto)

HousePlant CTF :Jess’s Guitar Writeup

Visit our Team ZH3R0 Blog.

Feel free to contact me,

• Discord — @Amun-Ra#3245
• Instagram — @Amun_rha