Name: Nested Easter Egg
Description: Apply some advanced cryptanalysis to find the real easter egg.
Difficulty: 4 star
Category: Cryptographic Issues
Expanded Description: https://pwning.owasp-juice.shop/part2/cryptographic-issues.html
Poison Null Byte && Easter Egg
*To solve this challenge, you must first have solved the Easter Egg challenge listed above in order to access the following text file.
Opening the Easter Egg file, there’s an obvious base64 string to decode. Base64 is often easy to spot because it frequently ends in ‘=’ padding. While it can also contain ‘+’ and ‘/’ as special characters, a trailing ‘=’ is a dead giveaway.
The decoded result, “/gur/qrif/ner/fb/shaal/gurl/uvq/na/rnfgre/rtt/jvguva/gur/rnfgre/rtt”, is clearly a URL path, but it is also clearly not fully deciphered. This looks an awful lot like a rotation (or Caesar) cipher. Rather than writing a series of regex strings to sift through until I found the right rotation (even though I suspected ROT13 out of sheer popularity), I opted to use an online Caesar cipher tool to find the most likely URL.
Copy and paste that URL to the end of the localhost address and get ready for the next challenge.
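The same two steps (Base64 decode, then trying every Caesar rotation) can be done offline. This is an added example, not part of the original writeup: it tries all 26 shifts instead of assuming ROT13, the Base64 input is rebuilt from the ciphertext quoted above because the file's own string is not reproduced here, and the word list and function names are assumptions.

```python
import base64
import string

# Ciphertext path quoted in the writeup above.
PAGE_CIPHERTEXT = "/gur/qrif/ner/fb/shaal/gurl/uvq/na/rnfgre/rtt/jvguva/gur/rnfgre/rtt"
# Constructed input: the file's real Base64 string is not shown on the page,
# so the ciphertext is re-encoded to stand in for it.
SAMPLE_B64 = base64.b64encode(PAGE_CIPHERTEXT.encode()).decode()

# Assumption: a short list of common English words is enough to rank candidates.
COMMON_WORDS = {"the", "and", "are", "you", "for", "not", "with", "this",
                "that", "they", "have", "from", "an", "so", "in", "of", "to"}


def decode_base64(blob: str) -> str:
    """Strictly decode Base64; raises binascii.Error on non-alphabet input."""
    return base64.b64decode(blob, validate=True).decode("utf-8")


def rotate(text: str, shift: int) -> str:
    """Shift ASCII letters by `shift` positions; leave '/', digits etc. alone."""
    lower, upper = string.ascii_lowercase, string.ascii_uppercase
    table = str.maketrans(
        lower + upper,
        lower[shift:] + lower[:shift] + upper[shift:] + upper[:shift],
    )
    return text.translate(table)


def score(candidate: str) -> int:
    """Count path segments that are common English words."""
    return sum(seg.lower() in COMMON_WORDS for seg in candidate.split("/"))


def best_rotation(ciphertext: str) -> tuple[int, str]:
    """Try all 26 shifts and return the (shift, plaintext) with the highest score."""
    candidates = [(s, rotate(ciphertext, s)) for s in range(26)]
    return max(candidates, key=lambda c: score(c[1]))


if __name__ == "__main__":
    shift, path = best_rotation(decode_base64(SAMPLE_B64))
    print(f"shift={shift} path={path}")
```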
Lessons Learned and Things Worth Mentioning:
- I’ve apparently learned enough to be able to spot simple crypto algorithms at a glance, so that’s cool.
- Online tools that duplicate the functionality of OS-based tools like Burp are sometimes much more convenient. In this case I didn’t have Burp open, so rather than going through that process I just googled it.