Description
A leaked credential dump pairs usernames and encrypted passwords line-for-line. Locate the entry for `cultiris`, decode the stored password, and submit it as the flag.
Setup
Extract the archive to reveal `usernames.txt` and `passwords.txt`, which align line-by-line.
Search for the username `cultiris` to capture the correct line number.
Print the corresponding password entry and decode it from ROT13.
wget https://artifacts.picoctf.net/c/151/leak.tar
tar -xf leak.tar && cd leak
grep -n "cultiris" usernames.txt
sed -n '378p' passwords.txt
sed -n '378p' passwords.txt | caesar 13
Solution
- Step 1Map the username`grep -n "cultiris" usernames.txt` reveals the account sits at line 378. Because both files are aligned, that same line number in `passwords.txt` holds the encrypted secret.
- Step 2Retrieve the password entry`sed -n '378p' passwords.txt` prints `cvpbPGS{P7e1S_54I35_71Z3}`, an obvious substitution that still resembles the picoCTF format.
- Step 3Apply ROT13Running the line through `caesar 13` (from bsdgames) or any ROT13 decoder transforms it back into plaintext, yielding the final flag.
Flag
picoCTF{C7r1F_54V35_71M3}
Because the files are line-aligned, finding the username index immediately pinpoints the paired password.