PicoCTF2022 - substitution2
Description
It seems that another encrypted message has been intercepted. The encryptor seems to have learned their lesson though and now there isn't any punctuation! Can you still crack the cipher? Download the message here.
Information
Point Value: 100 points
Category: Cryptography
Hints
- Try refining your frequency attack, maybe analyzing groups of letters would improve your results?
Solution
We know the text file is encrypted with a substitution cipher, so we open the txt file to obtain the
ciphertext and use CyberChef to decode it. This time, however, punctuation and
spaces have been removed. Again, since we know that the last part of the message must be the flag and is in the
format "the flag is: picoCTF{...}", we work backwards from it and recover part of the key:
"T*Z*FVRAX**P**QS**EN******", corresponding to the plaintext letters "ABCDEFGHIJKLMNOPQRSTUVWXYZ", where "*" marks
a substitute that is still unknown. However, the text is still illegible because there is no punctuation.
theyeeoistseueyalotheymellestaklishebhighschoolcogpwteysecwyithcogpetitiolsilclwbilgchkeypatyiotalbwschkeychallelgethesecogpetitiolsfocwspyigayilholshstegsabgilistyatiolfwlbageltalsmhichayeueyhwsefwlalbgaycetaklescillshomeueymekelieuethepyopeypwyposeofahighschoolcogpwteysecwyithcogpetitiolislotollhtoteachualwaklescillskwtalsotogetstwbeltsilteyestebilalbeocitebakowtcogpwteyscielcebefelsiuecogpetitiolsayeoftellakoyiowsaffaiysalbcogebomltoywllilgchecclistsalbeoecwtilgcolfigscyiptsoffelseoltheotheyhalbisheauilhfocwseboleoployatiolalbigpyouisatiolalboftelhaselegeltsofplahmekelieueacogpetitioltowchilgoltheoffelsiueelegeltsofcogpwteysecwyithistheyefoyeaketteyuehiclefoytecheualgelisgtostwbeltsilageyicalhighschoolsfwytheymekelieuethatalwlbeystalbilgofoffelsiuetechliiwesisesseltialfoygowltilgaleffectiuebefelsealbthatthetoolsalbcolfigwyatiolfocwselcowlteyebilbefelsiuecogpetitiolsboeslotleabstwbeltstoclomtheiyeleghaseffectiuelhasteachilgthegtoactiuelhthilclicealattacceypicoctfisaloffelsiuelhoyieltebhighschoolcogpwteysecwyithcogpetitiolthatseecstogeleyateilteyestilcogpwteyscielceagolghighschooleysteachilgthegelowghakowtcogpwteysecwyithtopiiwetheiycwyiosithgotiuatilgthegtoeoployeoltheiyomlalbelaklilgthegtoketteybefelbtheiygachilestheflagispicoCTF{L6Y4G_4L41H515_15_73B10W5_8E1KF808}
We do note that there are certain repeated groups of letters such as "cogpetitiol" and "cogpwteysecwyith", which
are most likely "competition" and "computer security" respectively. Therefore, we can keep working
backwards to find out more of the substitution key. From just these two repeated groups, we extend
the key to "T*Z*FVRAX**PGLQS*YENW***H*".
thereeoistseueralothermellestaklishebhighschoolcomputersecuritycompetitionsinclubingcykerpatriotanbuscykerchallengethesecompetitionsfocusprimarilyonsystemsabministrationfunbamentalsmhichareueryusefulanbmarcetaklescillshomeuermekelieuetheproperpurposeofahighschoolcomputersecuritycompetitionisnotonlytoteachualuaklescillskutalsotogetstubentsinterestebinanbeocitebakoutcomputersciencebefensiuecompetitionsareoftenlakoriousaffairsanbcomebomntorunningchecclistsanbeoecutingconfigscriptsoffenseontheotherhanbisheauilyfocuseboneoplorationanbimprouisationanboftenhaselementsofplaymekelieueacompetitiontouchingontheoffensiueelementsofcomputersecurityisthereforeaketteruehiclefortecheuangelismtostubentsinamericanhighschoolsfurthermekelieuethatanunberstanbingofoffensiuetechniiuesisessentialformountinganeffectiuebefenseanbthatthetoolsanbconfigurationfocusencounterebinbefensiuecompetitionsboesnotleabstubentstocnomtheirenemyaseffectiuelyasteachingthemtoactiuelythincliceanattaccerpicoctfisanoffensiuelyorientebhighschoolcomputersecuritycompetitionthatseecstogenerateinterestincomputerscienceamonghighschoolersteachingthemenoughakoutcomputersecuritytopiiuetheircuriositymotiuatingthemtoeoploreontheiromnanbenaklingthemtoketterbefenbtheirmachinestheflagispicoCTF{N6R4M_4N41Y515_15_73B10U5_8E1KF808}
We keep repeating this process until we get a legible paragraph.
There exist several other well-established highschool computer security competitions, including Cyberpatriot and US Cyber Challenge. These competitions focus primarily on systems administration fundamentals, which are very useful and marketable skills. However, we believe the proper purpose of a high school computer security competition is not only to teach valuable skills, but also to get students interested in and excited about computer science. Defensive competitions are often laborious affairs, and come down to running checklists and executing config scripts. Offense, on the other hand, is heavily focused on exploration and improvisation, and often has elements of play. We believe a competition touching on the offensive elements of computer security is therefore a better vehicle for ‘tech evangelism’ to students in American high schools. Further, we believe that an understanding of offensive techniques is essential for mounting an effective defense, and that the tools-and-configuration focus encountered in defensive competitions does not lead students to ‘know their enemy’ as effectively as teaching them to actively think like an attacker.
Note that these two paragraphs are from picoCTF's own FAQ/Getting
Started website under FAQ and "What is picoCTF?". We then obtain the flag from the bottom of the
deciphered message.
picoCTF is an offensively-oriented highschool computer security competition that seeks to generate interest in computer science among highschoolers: teaching them enough about computer security to pique their curiosity, motivating them to explore on their own, and enabling them to better defend their machines.
A | B | C | D | E | F | G | H | I | J | K | L | M | N | O | P | Q | R | S | T | U | V | W | X | Y | Z |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
T | K | Z | B | F | V | R | A | X | * | C | P | G | L | Q | S | I | Y | E | N | W | U | M | O | H | * |
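
The crib-driven key refinement used above can be scripted. The following Python is an added example, not part of the original write-up or of CyberChef: the function names are hypothetical, and the sample ciphertext is constructed by encrypting the guessed words with the key from the table, since the original ciphertext file is not reproduced on this page.

```python
import string

ALPHA = string.ascii_uppercase
# Final key from the table on this page: plaintext A..Z -> ciphertext letter.
# '*' marks the two letters (J, Z) the write-up never recovered.
PAGE_KEY = "TKZBFVRAX*CPGLQSIYENWUMOH*"


def encrypt(plain, key=PAGE_KEY):
    """Encrypt letters with the page's key to build constructed test ciphertext."""
    return "".join(key[ALPHA.index(ch)] for ch in plain.upper())


def extend_key(key, cipher_fragment, crib):
    """Add the letter pairs implied by a guessed word (crib) to a partial key.

    Raises ValueError if the guess contradicts a pair that is already known,
    which is the signal that the crib or its alignment is wrong.
    """
    if len(cipher_fragment) != len(crib):
        raise ValueError("crib and ciphertext fragment differ in length")
    new_key = list(key)
    for c, p in zip(cipher_fragment.upper(), crib.upper()):
        i = ALPHA.index(p)
        if new_key[i] == c:
            continue  # pair already known
        if new_key[i] != "*" or c in new_key:
            raise ValueError(f"crib conflicts with key at {p} -> {c}")
        new_key[i] = c
    return "".join(new_key)


def decrypt_partial(key, ciphertext):
    """Known letters come out lower-case; unknown ciphertext letters stay upper-case."""
    out = []
    for c in ciphertext.upper():
        i = key.find(c) if c in ALPHA else -1
        out.append(ALPHA[i].lower() if i >= 0 else c)
    return "".join(out)


def solve_steps():
    """Replay the write-up's two refinement steps on constructed ciphertext."""
    key1 = extend_key("*" * 26, encrypt("theflagispico"), "theflagispico")
    key2 = key1
    for word in ("competition", "computersecurity"):
        key2 = extend_key(key2, encrypt(word), word)
    return key1, key2
```

Printing unresolved ciphertext letters in upper case (CyberChef leaves them in the same case as decoded ones) makes the remaining gaps in a partially decoded word such as "coGpetitioL" easy to spot.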