Matryoshka is hiding a flag in its heart. Open it layer by layer, and get the flag!
Matryoshka a.k.a. Russian nesting dolls are a set of wooden dolls of decreasing size which are designed to fit inside each other. The name of this challenge suggested that there would be multiple layers of challenges to solve
This challenge provided us with a file containing a large base64 encoded string:
Decoding the base64 to ascii produced another base64 string but with additional obstacles:
- The entire string was reversed
<removeme>was placed into the string at random positions- Some characters had diacritics
Decoding this layer produced another layer with similar obstacles.
Some stages also decoded to hexadecimal which, when converted to ASCII would also produce the next layer of the challenge
Using GCHQ's CyberChef we can create a recipe which will solve each stage of this nested puzzle:
- Regex to remove the random strings and brackets at the start and end:
(\\[\d+\.\d+\])|[\-\[\]] - Removing diacritics from letters
- Replacing ø with o (Remove diacritics does not convert this character)
- Reversing the string where necessary
- Remove the duplicate letters from the final stage
- Decoding hexadecimal to ASCII where necessary
- Decoding base64 to ASCII
Find_/_Replace({'option':'Regex','string':'(\\[\\d+\\.\\d+\\])|[\\-\\[\\]]'},'',true,false,true,false)
From_Base64('A-Za-z0-9+/=',true)
Reverse('Character')
Remove_Diacritics()
Find_/_Replace({'option':'Regex','string':'ø'},'o',true,false,true,false)
Find_/_Replace({'option':'Regex','string':'<removeme>'},'',true,false,true,false)
Find_/_Replace({'option':'Regex','string':'<removeme>'},'',true,false,true,false)
Find_/_Replace({'option':'Regex','string':'(\\w+|\\d+)\\.(\\w+|\\d+)|[\\[\\]\\-\\.]'},'',true,false,true,false)
From_Base64('A-Za-z0-9+/=',true)
Find_/_Replace({'option':'Regex','string':'(\\w+|\\d+)\\.(\\w+|\\d+)|[\\[\\]\\-\\.]'},'',true,false,true,false)
Reverse('Character')
From_Hex('Auto')
Find_/_Replace({'option':'Regex','string':'(\\w+|\\d+)\\.(\\w+|\\d+)|[\\[\\]\\-\\.]'},'',true,false,true,false)
From_Base64('A-Za-z0-9+/=',true)
Remove_Diacritics()
Find_/_Replace({'option':'Regex','string':'ø'},'o',true,false,true,false)
Find_/_Replace({'option':'Regex','string':'<removeme>'},'',true,false,true,false)
Find_/_Replace({'option':'Regex','string':'(\\w+|\\d+)\\.(\\w+|\\d+)|[\\[\\]\\-\\.]'},'',true,false,true,false)
From_Base64('A-Za-z0-9+/=',true)
Find_/_Replace({'option':'Regex','string':'(\\w+|\\d+)\\.(\\w+|\\d+)|[\\[\\]\\-\\.]'},'',true,false,true,false)
From_Base64('A-Za-z0-9+/=',true)
Find_/_Replace({'option':'Regex','string':'(\\w+|\\d+)\\.(\\w+|\\d+)|[\\[\\]\\-\\.]'},'',true,false,true,false)
From_Hex('Auto')
Remove_Diacritics()
Find_/_Replace({'option':'Regex','string':'(\\w+|\\d+)\\.(\\w+|\\d+)|[\\[\\]\\-\\.]'},'',true,false,true,false)
From_Base64('A-Za-z0-9+/=',true)
Find_/_Replace({'option':'Regex','string':'(\\w+|\\d+)\\.(\\w+|\\d+)|[\\[\\]\\-\\.]'},'',true,false,true,false)
From_Hex('Auto')
Find_/_Replace({'option':'Regex','string':'(\\w+|\\d+)\\.(\\w+|\\d+)|[\\[\\]\\-\\.]'},'',true,false,true,false)
Reverse('Character')
From_Base64('A-Za-z0-9+/=',true)
Remove_Diacritics()
Reverse('Character')
Find_/_Replace({'option':'Regex','string':'<removeme>'},'',true,false,true,false)
Find_/_Replace({'option':'Regex','string':'<removeme>'},'',true,false,true,false)
Find_/_Replace({'option':'Regex','string':'(\\w+|\\d+)\\.+(\\w+|\\d+)|[\\[\\]\\-\\.]'},'',true,false,true,false)
Find_/_Replace({'option':'Regex','string':'(.).'},'$1',true,false,false,false)
From_Base64('A-Za-z0-9+/=',true)
- (Use "Load recipe" in CyberChef and copy-paste this)
With the full recipe and initial input, the output is our final flag:
pactf{gr4nm0tr_DoLl}