• URL: https://play.picoctf.org/practice/challenge/418
• Title: interencdec
• Tags: Easy, Cryptography, picoCTF 2024, base64, browser_webshell_solvable
• Author: NGIRIMANA Schadrack
• Started: 20 July 2025
• Solved: 20 July 2025
• Description: Can you get the real meaning from this file. Download the file here.

After downloading the file, I displayed the content

strikingsoul@ramones:~/Downloads$ cat enc_flag 
YidkM0JxZGtwQlRYdHFhR3g2YUhsZmF6TnFlVGwzWVROclgya3lNRFJvYTJvMmZRPT0nCg==

After a base64 decode, there flag is still encrypted

strikingsoul@ramones:~/Downloads$ cat enc_flag | base64 --decode
b'd3BqdkpBTXtqaGx6aHlfazNqeTl3YTNrX2kyMDRoa2o2fQ=='

d3BqdkpBTXtqaGx6aHlfazNqeTl3YTNrX2kyMDRoa2o2fQ==

After decoded once again, the message is still gibberish

…

• URL: https://play.picoctf.org/practice/challenge/475
• Title: hashcrack
• Tags: Easy, Cryptography, picoCTF 2025, browser_webshell_solvable
• Author: Nana Ama Atombo-Sackey
• Started: 7 July 2025
• Solved: 7 July 2025
• Description: A company stored a secret message on a server which got breached due to the admin using weakly hashed passwords. Can you gain access to the secret stored within the server?

Additional details will be available after launching your challenge instance.

After I netcatted to the instance I was given a several hashes and I cracked it using this tool. Here’s a snippet of my terminal

…