Tags: crypto 

Rating:

# cracking-the-cipher (50)

## Problem

Hackers work in the most unlikely of places. We have recently discovered one working in a grocery store (weird), and he was able to print out receipts to pass on information to certain customers. We have obtained one of the receipts, but we cannot tell what it says.

Grocery Store Receipt
| Item | Unit Price | Quantity | Overall Price |
| - | - | - | - |
| Caesar Salad Dressing | 5.99 | 4 | 23.96 |
| Vinegar | 6.99 | 1 | 6.99 |
| Apples (Honey Crisp) | 2.79 | 5 | 13.95 |
| Roast Chicken (7.59) | 1 | 7.59 |
| Tomatoes | 1.59 | 4 | 6.36 |
| | | Subtotal | 58.85 |
| | | Paper Bag Fee | 0.10 |
| | | Taxes (9.00%) | 0.00 |
| | | Total | 58.95 |

vjg rcuuyqtf ku ngctpkpi_ecguct_ekrjgtu_ku_hwp!

Can you crack the code and tell us the information within? The answer should be in the format `bcactf{answer}`.

## Solution

The biggest hint here is the "Caesar Salad Dressing." The string `vjg rcuuyqtf ku ngctpkpi_ecguct_ekrjgtu_ku_hwp!` is encoded using the Caesar cipher. We just need to find out with a rotate value of what.

A while ago, I wrote a script that bruteforces the caesar cipher. Here's the source code:
```python
#!/usr/bin/env python3

import sys

def main(string):

alphabet = list("abcdefghijklmnopqrstuvwxyz" * 2)

for shift in range(26):

output = ""

for char in string:
try:
output += alphabet[alphabet.index(char) + shift]
except:
output += char

print("-> %s\t%s" % (shift, output))

if __name__ == "__main__":
main(" ".join(sys.argv[1::]).lower())
```

Here it is being used to solve this challenge.

```
$ ./caesar-cipher.py vjg rcuuyqtf ku ngctpkpi_ecguct_ekrjgtu_ku_hwp!
-> 0 vjg rcuuyqtf ku ngctpkpi_ecguct_ekrjgtu_ku_hwp!
-> 1 wkh sdvvzrug lv ohduqlqj_fdhvdu_flskhuv_lv_ixq!
-> 2 xli tewwasvh mw pievrmrk_geiwev_gmtlivw_mw_jyr!
-> 3 ymj ufxxbtwi nx qjfwsnsl_hfjxfw_hnumjwx_nx_kzs!
-> 4 znk vgyycuxj oy rkgxtotm_igkygx_iovnkxy_oy_lat!
-> 5 aol whzzdvyk pz slhyupun_jhlzhy_jpwolyz_pz_mbu!
-> 6 bpm xiaaewzl qa tmizvqvo_kimaiz_kqxpmza_qa_ncv!
-> 7 cqn yjbbfxam rb unjawrwp_ljnbja_lryqnab_rb_odw!
-> 8 dro zkccgybn sc vokbxsxq_mkockb_mszrobc_sc_pex!
-> 9 esp alddhzco td wplcytyr_nlpdlc_ntaspcd_td_qfy!
-> 10 ftq bmeeiadp ue xqmdzuzs_omqemd_oubtqde_ue_rgz!
-> 11 gur cnffjbeq vf yrneavat_pnrfne_pvcuref_vf_sha!
-> 12 hvs doggkcfr wg zsofbwbu_qosgof_qwdvsfg_wg_tib!
-> 13 iwt ephhldgs xh atpgcxcv_rpthpg_rxewtgh_xh_ujc!
-> 14 jxu fqiimeht yi buqhdydw_squiqh_syfxuhi_yi_vkd!
-> 15 kyv grjjnfiu zj cvriezex_trvjri_tzgyvij_zj_wle!
-> 16 lzw hskkogjv ak dwsjfafy_uswksj_uahzwjk_ak_xmf!
-> 17 max itllphkw bl extkgbgz_vtxltk_vbiaxkl_bl_yng!
-> 18 nby jummqilx cm fyulhcha_wuymul_wcjbylm_cm_zoh!
-> 19 ocz kvnnrjmy dn gzvmidib_xvznvm_xdkczmn_dn_api!
-> 20 pda lwoosknz eo hawnjejc_ywaown_yeldano_eo_bqj!
-> 21 qeb mxpptloa fp ibxokfkd_zxbpxo_zfmebop_fp_crk!
-> 22 rfc nyqqumpb gq jcyplgle_aycqyp_agnfcpq_gq_dsl!
-> 23 sgd ozrrvnqc hr kdzqmhmf_bzdrzq_bhogdqr_hr_etm!
-> 24 the password is learning_caesar_ciphers_is_fun!
-> 25 uif qbttxpse jt mfbsojoh_dbftbs_djqifst_jt_gvo!
```

The only one that makes sense is when it is rotated 24 times.

`the password is learning_caesar_ciphers_is_fun!`

Original writeup (https://github.com/shawnduong/ctf-writeups/blob/master/2019-BCA/crypto/cracking-the-cipher.md).