Description
A leaked credential dump pairs usernames and encrypted passwords line-for-line. Locate the entry for cultiris, decode the stored password, and submit it as the flag.
Setup
Extract the archive to reveal usernames.txt and passwords.txt, which align line-by-line.
Search for the username cultiris to capture the correct line number.
Print the corresponding password entry and decode it from ROT13.
wget https://artifacts.picoctf.net/c/151/leak.tartar -xf leak.tar && cd leakgrep -n "cultiris" usernames.txtsed -n '378p' passwords.txtsed -n '378p' passwords.txt | caesar 13Solution
Walk me through it- Step 1Map the username
grep -n "cultiris" usernames.txtshows the account at line 378. Because both files are line-aligned, that same line number inpasswords.txtholds the encrypted secret.bashgrep -n cultiris usernames.txtbashpaste usernames.txt passwords.txt | grep cultirisLearn more
Credential dumps (or "combo lists") typically ship as paired text files: line N in
usernames.txtmatches line N inpasswords.txt.grep -nprints the line number alongside the match, which is what links the two files together.For one shot, just
pastethem:paste usernames.txt passwords.txt | grep cultirisjoins the columns side-by-side and shows you the user and their cipher in one row. Same idea aszip()in Python. Saves you from manuallysed -n 'Np''ing on the password file.The root cause of this challenge: passwords were stored in plaintext (or trivially reversible) on the server. Real systems store a salted slow hash (bcrypt, scrypt, Argon2). When the dump leaks, attackers must crack each hash one by one instead of reading off the password directly. Cracking workflow in Hash Cracking for CTFs.
- Step 2Retrieve the password entry
sed -n '378p' passwords.txtprintscvpbPGS{P7e1S_54I35_71Z3}- a substitution that still looks like the picoCTF format.Learn more
How to recognize ROT13 visually: the ciphertext preserves word boundaries, punctuation, and case, and the prefix
cvpbPGShas the same shape aspicoCTF(4 lowercase + 3 uppercase). Each character is shifted by 13:p->c,i->v,c->p,o->b. Once you spot a flag-shaped string with the wrong letters, count the shift on one or two characters and ROT13 falls out. More cipher-spotting tactics in CTF Encodings.sed -n 'Np'is the shortest way to print line N. Alternatives:awk 'NR==N'orhead -N file | tail -1. - Step 3Apply ROT13Running the line through
caesar 13(from bsdgames) or any ROT13 decoder transforms it back into plaintext, yielding the final flag.Learn more
ROT13 is a Caesar cipher with a fixed shift of 13. The mathematical formulation is
E(x) = (x + 13) mod 26where x is the letter's zero-based position (A=0, B=1, ..., Z=25). Because 13 is exactly half of 26, applying ROT13 twice gives(x + 26) mod 26 = x, so the cipher is its own inverse.Worked example on the prefix 'cvpb' (where a=0, b=1, ..., z=25): c (= 2) -> (2 + 13) mod 26 = 15 -> 'p' v (= 21) -> (21 + 13) mod 26 = 8 -> 'i' p (= 15) -> (15 + 13) mod 26 = 2 -> 'c' b (= 1) -> (1 + 13) mod 26 = 14 -> 'o' Result: 'pico' -> matches the expected flag prefix.On Linux,
caesar 13(frombsdgames) applies the shift. Other quick methods:tr 'A-Za-z' 'N-ZA-Mn-za-m', Python'scodecs.encode(s, 'rot_13'), or any online ROT13 tool. Storing passwords in ROT13 is essentially storing them in plaintext - real password storage requires a slow hash (bcrypt, scrypt, Argon2) with a per-user salt.
Alternate Solution
Once you have the ROT13-encoded password string, you can decode it directly in the browser with the ROT / Caesar Cipher tool. Paste the ciphertext (cvpbPGS{P7e1S_54I35_71Z3}), set the shift to 13, and the flag is revealed instantly - no terminal required.
Flag
picoCTF{...}
Because the files are line-aligned, finding the username index immediately pinpoints the paired password.