picoCTF 2022 | credstuff Write-up

Challenge description

We found a leak of a blackmarket website’s login credentials. Can you find the password of the user cultiris and successfully decrypt it? Download the leak here. The first user in usernames.txt corresponds to the first password in passwords.txt. The second user corresponds to the second password, and so on.

Category: Cryptography


According to the challenge, the line number in the user.txt file corresponds to the line number in the password.txt file. A simple Ctrl + F search in the user.txt file for the user “cultiris” reveals that they are on line 378:

Going to the password file, line 378 is:

This seems to fit the flag format, but the characters are jumbled up. My first instinct is that this is a ROT cipher. So, I’ll throw it into an internet tool and see if that works.

As expected, we got our flag

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: