picoCTF 2025 – Cryptography • Easy
We start by observing that message we are being presented with has a strange characteristics, namely the two equals sign at the end of the message.
This is known to be the padding of base64 encoded messages. A message can be decoded without the necessity of a secret key. It can be done online here:
After decoding the message we obtain once again a message that ends with two equal sign, we can decode it again. The message now is different, but we can notice a pattern.
We can observe that the message starts with 4 lowercases letter followed by three upper cases letters, and there is a string in between curly braces.
wpjvJAM{jhlzhy_k3jy9wa3k_78250hmj}This looks like the pattern of a flag but with the letters substitued. It is in fact a substitution cipher.
We observe that each letter of the string 'wpjvJAM' has distance 7 from the letter in the same position of the string 'picoCTF'.
From this we deduce that this is a shift cipher with key = 7. We apply the inverse shift to all the message to recover the flag.