Description
Cryptography can be easy, do you know what ROT13 is? cvpbPGS{arkg_gvzr_V'yy_gel_2_ebhaqf_bs_ebg13_ZMNydSQw}
Solution
Walk me through it- Step 1Apply ROT13ROT13 rotates each letter by 13 positions in the alphabet. The tr command maps A-Z to N-ZA-M and a-z to n-za-m, effectively applying the cipher. Run the command with the ciphertext to recover the flag.bash
echo "cvpbPGS{arkg_gvzr_V'yy_gel_2_ebhaqf_bs_ebg13_ZMNydSQw}" | tr 'A-Za-z' 'N-ZA-Mn-za-m'Learn more
ROT13(rotate by 13) is a simple letter substitution cipher that replaces each letter with the one 13 positions after it in the alphabet. Since the alphabet has 26 letters, rotating by 13 twice returns to the original - making ROT13 its own inverse. Applying it to already-ROT13'd text always decodes it, with no need to switch between "encrypt" and "decrypt" modes.
ROT13 is a special case of the Caesar cipher, which Julius Caesar historically used with a shift of 3 to protect military communications. The Caesar cipher works by shifting each letter a fixed number of positions. With only 26 possible shifts, it provides essentially no security against brute-force - but it's still commonly used online to obscure spoilers or puzzle answers without the intent to truly encrypt them.
The
trcommand ("translate") is a powerful Unix utility that substitutes characters according to a mapping. The patterntr 'A-Za-z' 'N-ZA-Mn-za-m'maps: A→N, B→O, ..., M→Z, N→A, ..., Z→M, and the same for lowercase. Notice the flag's suffixZMNydSQwis unchanged by ROT13 - it was already ROT13'd by the challenge author before embedding it, so it decodes to the same value, illustrating the self-inverse property.The challenge title "Mod 26" hints at the mathematical underpinning: ROT13 is addition modulo 26, where each letter is treated as a number 0 to 25. Adding 13 mod 26 is the same as subtracting 13 mod 26, which is why the same operation both encrypts and decrypts.
Recognizing ROT13 in the wild: If a ciphertext looks almost like English but with slightly shifted letters - words have the right rhythm but wrong characters - it is often ROT13 or a Caesar cipher. The word "gur" in the ciphertext above is ROT13 for "the," a giveaway. Online tools like rot13.com decode it instantly. In Wireshark, the right-click > "Decode as" menu does not include ROT13 (it is not a real encryption protocol), so a terminal command or online tool is the fastest path.
Brute-forcing Caesar ciphers: If you suspect a Caesar cipher but do not know the shift, there are only 25 possible shifts. A quick Python loop tries all of them:
for shift in range(26): print(shift, ''.join(chr((ord(c)-65+shift)%26+65) if c.isupper() else chr((ord(c)-97+shift)%26+97) if c.islower() else c for c in ciphertext)). The correct shift produces readable English. Thetrcommand handles ROT13 specifically because it is the only Caesar variant where the same command both encodes and decodes.
Alternate Solution
No terminal? Paste the ciphertext directly into the ROT / Caesar Cipher tool on this site, set the shift to 13, and the flag appears instantly. The tool also has a Try all 26 shifts button that prints every possible rotation at once.
Flag
picoCTF{...}
ROT13 is its own inverse - applying it twice returns the original text. Notice how the suffix of the flag is unchanged after ROT13.