Christian Leipold/ Oktober 18, 2022/ IT-Security, Write-Ups/ 0Kommentare




Unable to use their RSA encryption program, luciafer resorts to using old school techniques to send a message out to the team. Can you decipher the code and find the flag?

Submit the flag as flag{flag text}

Download Image
SHA1: 1afcf5cc3a64f3924f27425ed344fbe4545c5554


The link provided was the following image.

At first sight we see that it consists of three parts

  1. a kind of tabula recta - Vigenère cipher
  2. perhaps the message to be decoded?
  3. some dots, maybe braille?

To use the Vigenère table to decrypt the message, you need the key.
My first thought was that maybe the Braille is just the key and I just need to translate it.

Unfortunately, the online tools had some problems, so I did the translation manually using the Braille alphabet.
So I searched for a font and found it on

There was no need to download it, because now I could translate it step by step.

It turned out that the Braille translation was port 47980 ???

I looked at the task again and saw that there was a url at the end. so let's give it a try

└─$ nc 47980

It looks like GOBLINS is the key.
I tried to decrypt it using

But again, no luck. "XF TUSJLF UPNPSSPX" is certainly not correct.
Then I noticed that the table is not in the familiar format, it should start with A A in the upper left corner, not Z Z. So it is upside down.

With again some manual work - on this occasion the title of the challenge came back to my mind - I finally got the flag.


GO BLINSG OBLINSGO          -> the key (if shorter than the encoded text - just repeat it over and over again)
DT UFAWDL IQYXFKVL          -> the encrypted text
WE STRIKE TOMORROW          -> the plaintext (after manual decryption)

Look on the left for the letter G
and than in that line for the letter D
go all the way up and you have W

Look on the left for the letter O
and than in that line for the letter T
go all the way up and you have E


Share this Post

Hinterlasse einen Kommentar

Deine E-Mail-Adresse wird nicht veröffentlicht. Erforderliche Felder sind mit * markiert