StegoRSA

Published: March 20, 2026

Description

A message has been encrypted using RSA. The public key is gone... but someone might have been careless with the private key. Can you recover it and decrypt the message? Download flag.enc and image.jpg.

Examine the image metadata -- something may be hidden there.

exiftool image.jpg
strings image.jpg

Solution

  1. Step 1: Extract the RSA private key from the image
    The RSA private key is hidden in the EXIF metadata of image.jpg, encoded as a hex string. Use exiftool to extract all metadata fields and look for a PEM-encoded or hex-encoded key.
    exiftool image.jpg
    exiftool -b -Comment image.jpg
  2. Step 2: Decode the private key
    Convert the hex string found in the metadata back to a PEM file.
    python3 -c "import binascii; hex_key = 'YOUR_HEX_KEY_HERE'; pem = binascii.unhexlify(hex_key).decode(); open('private.pem', 'w').write(pem); print('Key written to private.pem')"
  3. Step 3: Decrypt the flag
    Use the recovered RSA private key to decrypt flag.enc.
    openssl rsautl -decrypt -inkey private.pem -in flag.enc -out flag.txt
    cat flag.txt
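
Steps 1 and 2 as one check, written as an added example (not part of the original write-up): it walks the JPEG metadata segments and reports any hex run that decodes to a PEM private key, which is also how you would audit images for leaked key material before publishing them. The function names, the sample image and its dummy key are constructed for this example.

```python
import binascii
import re
import struct

# Hex runs of at least 64 digits: long enough to hold a PEM header line.
HEX_RUN = re.compile(rb"[0-9A-Fa-f]{64,}")
PEM_BLOCK = re.compile(
    rb"-----BEGIN ([A-Z ]*PRIVATE KEY)-----.*?-----END \1-----", re.S)

def jpeg_segments(data):
    """Yield (marker, payload) for each metadata segment before the scan data."""
    if data[:2] != b"\xff\xd8":
        raise ValueError("not a JPEG (missing SOI marker)")
    pos = 2
    while pos + 4 <= len(data):
        marker = data[pos + 1]
        if data[pos] != 0xFF or marker in (0xDA, 0xD9):
            return                      # SOS/EOI or garbage: metadata is over
        (length,) = struct.unpack(">H", data[pos + 2:pos + 4])
        if length < 2 or pos + 2 + length > len(data):
            raise ValueError(f"truncated segment at offset {pos}")
        yield marker, data[pos + 4:pos + 2 + length]
        pos += 2 + length

def find_hex_pem_keys(data):
    """Return [(marker, pem_text)] for hex-encoded PEM private keys in metadata."""
    hits = []
    for marker, payload in jpeg_segments(data):
        for run in HEX_RUN.findall(payload):
            for off in (0, 1):          # the key may start on an odd offset
                chunk = run[off:len(run) - (len(run) - off) % 2]
                decoded = binascii.unhexlify(chunk)
                for m in PEM_BLOCK.finditer(decoded):
                    hits.append((marker, m.group(0).decode("ascii")))
    return hits

def build_sample_jpeg():
    """Constructed sample: JFIF stub plus a COM segment with a hex-encoded dummy PEM."""
    pem = (b"-----BEGIN RSA PRIVATE KEY-----\n"
           b"CONSTRUCTED+SAMPLE+NOT+A+REAL+KEY\n"
           b"-----END RSA PRIVATE KEY-----\n")
    def seg(marker, body):
        return b"\xff" + bytes([marker]) + struct.pack(">H", len(body) + 2) + body
    app0 = b"JFIF\x00\x01\x01\x00\x00\x01\x00\x01\x00\x00"
    return (b"\xff\xd8" + seg(0xE0, app0) + seg(0xFE, binascii.hexlify(pem))
            + b"\xff\xd9"), pem.decode()

if __name__ == "__main__":
    sample, _ = build_sample_jpeg()
    for marker, pem in find_hex_pem_keys(sample):
        print(f"private key material in segment 0xFF{marker:02X}:\n{pem}")
```

Marker 0xFE is the JPEG COM segment, which is what exiftool reports as Comment; EXIF tags live in APP1 (0xE1) and are covered by the same walk.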

Flag

picoCTF{rs4_k3y_1n_1mg_66388eb3}

The RSA private key is hidden in the EXIF metadata (Comment field) of the image as a hex-encoded PEM string.