The first thing that came to my mind given the challenge title was the Caesar cipher. Reading the text from the attached file: tzc3Sq{k!ss!a!__FZ!!_!11}, I confirmed this idea. Since the first hint tells us to unscramble the message, I thought about the shift applied by the Caesar cipher. Then, we are instructed to arrange the decoded text in the form of a square. Let’s move on to the next phase.
increasing the shift until I found a text containing all the characters of the flag format (wctf{}).
Exploitation
Once I obtained the text, I extracted its length using python:
Length
As we can see, it is 25 characters long. I extracted the length because the text needs to be arranged in the form of a square. By calculating $\sqrt{25}=5$, I determined the number of characters per row and the number of rows, since a square consists of $n^2$ elements. Then, I created the table:
1
2
3
4
5
w
c
f
3
V
t
{
n
!
v
v
!
d
!
_
_
I
C
!
!
_
!
1
1
}
It immediately stood out to me that the flag should be read diagonally, as some words form the famous phrase of Julius Caesar: Veni Vidi Vici.
Flag capture
Manual Flag
๐ ๏ธ Exploitation Process
Approach
The automatic exploit applies the Caesar cipher to the message text. Then, it inserts it into a 5x5 matrix and constructs the flag as previously described.
