Onion
π Details
| Attribute | Details |
|---|---|
| Challenge Name | Onion |
| Category | Cryptography |
| Difficulty | π Medium |
| Flag | F4H{tW8WqFDImR**********} |
π Description
A mysterious file has appeared, containing nothing but a long string of characters.
Can you peel back the layers of encoding to reveal the true flag?
Download the file and start exploring.
π₯ Download encrypted.txt
𧩠Hints
-
Look at the character set used in the given string. Does it match a common encoding format?
-
If you decode it once, it might still look strange. Maybe another encoding is hiding underneath?
π‘ Solution
This challenge involves multiple layers of encoding, just like peeling an onion. Here's how you can approach it step-by-step using an online tool like CyberChef (opens in a new tab):
-
HEX
The string consists only of hexadecimal characters (0-9, A-F), which suggests it's hex-encoded. -
BASE64
The decoded result ends with==, which is a common padding at the end of a Base64-encoded string. -
ROT13
The resulting string has a format likeS4U{...}, which hints at a ROT13-encoded flag (SβF,UβH, etc.).
π Insights
This challenge demonstrates how attackers or CTF authors may obfuscate information by layering simple encoding and cipher techniques. Here's why each step was recognizable:
- HEX: A long string using only 0β9 and AβF characters is a clear sign of hexadecimal encoding.
- BASE64: After decoding HEX, the resulting string ends in
==, which strongly suggests Base64 β a format used for transmitting binary data as text. - ROT13: The structure of the decoded text (e.g.,
S4U{...}) resembles the flag format, but the letters donβt match the usualF4H{...}β this hints at ROT13, a common and reversible cipher.
While each encoding step is simple on its own, stacking them makes it harder to immediately recognize the final result. This kind of layered encoding is often used to slow down reverse engineering or hide sensitive data.
By understanding patterns in encoding formats, you can more quickly identify the next decoding step.