Challenge Description
The challenge presents a short note claiming that the flag has been encrypted using a “very secure encryption method” and even hints that Windows still uses it. The encrypted flag is shown directly in the prompt:
``ZrgnPGS{jul_q03f_j1aq0jf_5gv11_h53_e0g13}``
The challenge title, What’s ROTten Into You?, reinforces the idea that the encryption method is likely some form of ROT cipher.
Initial Analysis
The ciphertext strongly resembles text that has undergone a simple substitution cipher. Several characteristics stand out:
- It consists only of alphabetic characters, numbers, and underscores, with the capitalization pattern matching the typical MetaCTF{.*} flag format.
- The letter distribution still looks English-like.
- The title and the Windows hint both point toward ROT13. Windows uses ROT13 in parts of its registry to lightly obscure certain strings.
Given these clues, ROT13 is the natural first thing to test.
Decoding the Flag
Applying ROT13 to the ciphertext:
``ZrgnPGS{jul_q03f_j1aq0jf_5gv11_h53_e0g13}``
produces:
``MetaCTF{why_d03s_w1nd0ws_5ti11_u53_r0t13}``
Conclusion
The challenge is solved by recognizing the hints toward a classic substitution cipher. ROT13 is one of the simplest encodings used to obscure text, and the challenge title and description make the intended path clear once you recognize the pattern.