The Sleeper Cell is a new Hacktoria Contract which just dropped today. When we check out our initial intel we are greeted with a prologue about a nihilistic and violent anti-human terror cell. Each time I begin a contract I take all of my initial data from the briefing and put it in one place, so let us do that here:
@@@@@@
Greetings, Special Agent K.
We have an urgent matter on our hands. For several months we’ve been investigating a group called “Androktasiai”. A radical organization who believes in cleansing the planet of what they call gluttony. Believing firmly that humans are a disease that needs to be exterminated, this radical group is well organized and is preparing to strike several targets.
After breaching one of their email accounts, we were able to extract a sent item. The metadata didn’t prove to be of much help, as it was sent to a disposable 10minutemail address.
The contents however are of great interesting. We believe it contains instructions sent from one of the groups’ leaders to a sleeper cell. This sleeper cell will now be activated and preparing to carry out an attack somewhere.
It is your task to figure out what the text means and provide any intelligence about the plans of this organization.
As always, Special Agent K. The Contract is yours, if you choose to accept.
The password will be in the follow format: ((this-is-the-flag))
Include the (( )) in the password as well.
Recovered e-mail text:
SSB1cmdzIG9rZSBscGlhIHR2cHYgbXluIGhzZGUgaWxlaHJyaSB5b212ZCB3dWcgZXAgaHJ4IHdnemRhIGF5dXZvbnIgc2h3a21uICh2aSBwY2UgdHJ3IHZvYiBtYnZrIHJlZWwsIGFvbndybnFrLCBveHcgZmd3bHFzdSkgd3lzIG14cmxpaXYgbW53a3NiIGhmIGxwZSB0ZW51ZXNuIEloYXRvYW9ja3ZmYyB1bHdhc21kIGZ3ZmJvLCBwaHd6ZXduIE5vdHZvZnkgb3dyc3MsIGprenpvIHBlIHd2ZG1haXJpIGh5IGllam5la3QgZ2t2IHd3aWVqbmVrdCwgbnF1IGhydHQgb3F0cCB0dWxldWMgZm9qbSB0cGVhIHN2ZnB4Y2wuIElubCBmYnUga3ZrbSBuc2J1emUgdWRqIHJvZWlubXJtZCBodiBrdm8gYm1obXJuZXB3IGZidnIgd2FiaCBiaHIgc3ZmcHhjbCwgcXQgcXMgYnhpIGRra3QgbHcgbWlrciB3eXMgd3R0bG1yIChxbiBna3YgdHlrbXd6IENwYWN3dmZjIHdldXRhemVxIHhlaHkgbnMpIGV3cm0gdHVoZSBkb2tmd2t0IGp5IGJ4aSBvYm1peHFjcWF5IG9ycHlrLiBBZmwgaW4gd3IgbmVjZyBnb2wgYmhtIG1ucWVzYiBoZiBvd3JzaWFqLCBudmttIGlrIGJobSBjbnhqcyBkYWFsIGVlIGxvIGFyayBnb3ggaGdlIG5pdGh1diAoa3JiY3ogd2YgdG9haiBrd3d4IGhzYSBwbXJzaHRob3cgbXdiYXRzKSBxcnZnIG1obmxxbmNheW9wIGt5a2shIFZ3IHdtIG5idyBqc28sIG1oc2IgaXYgdHVoIER3eHhzIGxwcnd1dGsga3ZvIHZvZmJpdnVubyB5c2ttIHR6aXQgcXMgdnEga3ZvIGZvbXZ0aWlhdiBrdm9rZWduLCB0cGUgdHVmZ2NnZWthIG9uIHdud3ZmIHNsIHNnIGxla29wd3ZyIGtnZCBscGlra3JxdnIsIGRhYWwgcW4ga29hd3piZXRudW0gb24gdHZwdiB3ZCB1ZXV3bW1zIE51eHN4bS12YWRlPyBJbnEgd3lvZCBoZiBscGUgbmFncXZnYyBoZiBscGUgbWFld3kgaHJrb21vaCBiaHIgdnJhbyBhZXNiIGF2ZCBxaHRjbW1pZ3YsIFNjbGNrbGYgc2wgZWZvZXZkcnV2ciEgS2dkIGxwYWIgdHV1ZmlxYSB0em0gc2ltciBrdm9kIHBpbHBvY3QgdnFrc2JmaWthaXduIHByZWhzZ3V3bCBpdiB0dWhkLCBvdmUgbXdiYXRzIG51diBzeHplZmxlemVxIHJ3IGhyeG0gc2tjd3JxbGV1IGRoIHR6bWl6IHBodXpoaSB0bnYgcW14dWVsa20/IGtnZCBscGFiIG5ud2xmbyB3b3dhIGJnIGRyZmZxZGJvZiBpbHduciBzdmZweGNsIHdyIHVheGggcnp2IGZlbGlsYSwgYWYgenZ6diBpZWpuZWt0IG52IHphenhyeG1jYj8gMCBla3dpc3d4IG1zbG5tc2YhIHp5b2QsIEIgcGppeSBnb2gsIGZmYmNtcnNxbmEgeWJ4IGtjIGN4ZWMgYm8geGVlaXZxZCBtaHcgbm96ZWZkenIgZGFpZm9zIGp5IGZ3aW94emUgZW1saW5wa2Z6c3ZhZCBpbmwgZm5xa29jbWl1aWwgemV0bGRzeG1zISBzYSBvdmUgZmRwZzogR2hlIGx3IHl3dSBna3JoIGdibGQgd3ZtcnByZHMgeHR0bXplLCBpbnEgcHJ5byBmZWxpbGEgbWJ1diBocnhuIGhtcm5lcHcgc20gayBnZW8gemVvaXpoZWgsIHlrIHdnemsgYXBleGV1IHBrb2UgZ29jciBiemUgZ29nc3d0ZWFzIG91cnd4bC4gR2dsIGhpcyB0bG1zeCBtbyBmaXRjcnIgZCBqaGJ0aXlwdCBlYWwsIHdmIGtzbSwgY2d2dHFuaGRjIHF5Z2Nna3Rxb2EsIGRlciBpaHUgZHFrbSBmYnJjZyBueHNocXNtIGlnLCByaSBzdmxlIGN2b2UgaWcgcWZoLiAoKENoRmEtQXRpZHZ4ZC0zMy45NTM0MTcsLTExOC4zMzg4NjMsMTgpKSBPcXRpZiwgbml6ZSBucXUgT2podCwgc3plIGF1c2l6cXN4bmwgbm96IHlieC4gUmJuIGJuIHN2b2JocnUgZ3prdmUsIFptYWIgcHJ1d3NtbXMgc3RsIGJodnF4Zy4gS2dkIHd0c213dWhpcywgY3hlLCBrbWUsIGFlciwgZGVyIGx4IG5nYiB3bWFlYi4gUmJuIGJuIHN2b2JocnUgZ3prdmUsIGRtdCBnb2h1IHd3YnggYncgb2V2dHloLCByYm4geGFrZywgd3BpcGsgc3NzZ2cgc3R3aXlmIGhoaWtlLCBtc2cgY3duZ2xlaW8gdXVqdml2ZzogbnF1IHpvbSBpbCB2b2IgaWFmaXNrbGUsIHh3ciBxZiB2dyB1Y29sLCB5Z2Mgc3BheW8gamlweWVqIG9ybWFnIG9mZ2MuIFRudiBxbiBpbmJ3eXNiIGlsc2tlLCBTbmJ6IHBjZSBtaHNiIGl2IG9haCBrdnNnZywgbHcgd3F0LCBna3YgZ2RobncsIGp5IHduciB6cm0sIGRoIHdhYiwgZG1jYmZrd3lnLCBhZmwgaXYgb2FoIG1zY2xlZCBiaG0gd3VyY3Mgd3RzbG1yZyBpZiBzdmZwaHJlbWQuIElucSBsZSBveGh0em1yIHhsbmZ2LCBka21pd3Z0dHksIG5xdSBxeWd0YXZ1aWx5YiwgcmJuIGJuIHN2b2JocnUgZ3prdmUsIHl6aXZkIHZ3IGpzZnhuIGxxbW1zLiBOcXUgd3ggdG5nYmhtciBjb3JxbywgQnQgYWEgZ3pvaHF1IGtzbWggeHFybSwgQWFnIHpiIGtnb2xwZXogcHlkdHMsIGRhaWsgZW96ayB2diBtc2JyIGxhc2UgYm8gZ2t2IHFieGFscW92IG9zIHByYjogcGhyIHNhIHRwZSBWcXdveG0gaWYgYmhtIGJyanpieGJueSBxcyB2b2h1emdyeGQgb3F0cCBsdmp5aCB3eGFsYSwgYmN0IGdrdiBweWdlayBqZXFudCB2a2ZvZ2dscGV2ZXEgenpociBsdGp3bm9lZTogdmYgaHJicyBlaXNiZWViIHJ6Y2gsIGZhenNiIGlnIHBsZ2QgYWFubSBhdiBlbnZwIHRza2UsIG9wZXplb2IgbnMgd25zbCBpbGVhbHYgbmNiZCBpZiBtdm1ybCBoamdvZ2N3IHdmIGxlcHJ0aHNobi4gU3ZkIGJoYnh4diBneCBhZGVhZ3MgZnN2b3UgaGYgcyBvZXZ0eWggd3dieCwgeXdiIGl2IHRleGt2LCBneCB0enFucyB0dWRrIHd4IHpvbm1ydmlhaiBrdm8gcG9qcywgdHBlIHNsaXMgd25zbCBpbGVhbHYgc20gdmJ0bHRlIGlucSBvemhkZWUgdG0gaXZjZWhyZ293IGFmbCBhY2d6aGVob3cgdWZibyBiaHIgaGVyLg==
@@@@@@
Now upon first glance what we appear to have here is a heavy chunk of encoded text. My suspicion initially is that the text is Base64 encoded. Base64 is a group of encoding schemes with a number of applications in the real world, and is seen often in cryptography challenges. I drop the chunk of text into https://www.dcode.fr to confirm that it’s B64, and it is in fact encoded in this way. However; this does not give us the answer as our decoded output is still not readable.
I urgs oke lpia tvpv myn hsde ilehrri yomvd wug ep hrx wgzda ayuvonr shwkmn (vi pce trw vob mbvk reel, aonwrnqk, oxw fgwlqsu) wys mxrliiv mnwksb hf lpe tenuesn Ihatoaockvfc ulwasmd fwfbo, phwzewn Notvofy owrss, jkzzo pe wvdmairi hy iejnekt gkv wwiejnekt, nqu hrtt oqtp tuleuc fojm tpea svfpxcl. Inl fbu kvkm nsbuze udj roeinmrmd hv kvo bmhmrnepw fbvr wabh bhr svfpxcl, qt qs bxi dkkt lw mikr wys wttlmr (qn gkv tykmwz Cpacwvfc weutazeq xehy ns) ewrm tuhe dokfwkt jy bxi obmixqcqay orpyk. Afl in wr necg gol bhm mnqesb hf owrsiaj, nvkm ik bhm cnxjs daal ee lo ark gox hge nithuv (krbcz wf toaj kwwx hsa pmrshthow mwbats) qrvg mhnlqncayop kykk! Vw wm nbw jso, mhsb iv tuh Dwxxs lprwutk kvo vofbivuno yskm tzit qs vq kvo fomvtiiav kvokegn, tpe tufgcgeka on wnwvf sl sg lekopwvr kgd lpikkrqvr, daal qn koawzbetnum on tvpv wd ueuwmms Nuxsxm-vade? Inq wyod hf lpe nagqvgc hf lpe maewy hrkomoh bhr vrao aesb avd qhtcmmigv, Sclcklf sl efoevdruvr! Kgd lpab tuufiqa tzm simr kvod pilpoct vqksbfikaiwn prehsguwl iv tuhd, ove mwbats nuv sxzeflezeq rw hrxm skcwrqleu dh tzmiz phuzhi tnv qmxuelkm? kgd lpab nnwlfo wowa bg drffqdbof ilwnr svfpxcl wr uaxh rzv felila, af zvzv iejnekt nv zazxrxmcb? 0 ekwiswx mslnmsf! zyod, B pjiy goh, ffbcmrsqna ybx kc cxec bo xeeivqd mhw nozefdzr daifos jy fwioxze emlinpkfzsvad inl fnqkocmiuil zetldsxms! sa ove fdpg: Ghe lw ywu gkrh gbld wvmrprds xttmze, inq pryo felila mbuv hrxn hmrnepw sm k geo zeoizheh, yk wgzk apexeu pkoe gocr bze gogswteas ourwxl. Ggl his tlmsx mo fitcrr d jhbtiypt eal, wf ksm, cgvtqnhdc qygcgktqoa, der ihu dqkm fbrcg nxshqsm ig, ri svle cvoe ig qfh. ((ChFa-Atidvxd-33.953417,-118.338863,18)) Oqtif, nize nqu Ojht, sze ausizqsxnl noz ybx. Rbn bn svobhru gzkve, Zmab pruwsmms stl bhvqxg. Kgd wtsmwuhis, cxe, kme, aer, der lx ngb wmaeb. Rbn bn svobhru gzkve, dmt gohu wwbx bw oevtyh, rbn xakg, wpipk sssgg stwiyf hhike, msg cwngleio uujvivg: nqu zom il vob iafiskle, xwr qf vw ucol, ygc spayo jipyej ormag ofgc. Tnv qn inbwysb ilske, Snbz pce mhsb iv oah kvsgg, lw wqt, gkv gdhnw, jy wnr zrm, dh wab, dmcbfkwyg, afl iv oah mscled bhm wurcs wtslmrg if svfphremd. Inq le oxhtzmr xlnfv, dkmiwvtty, nqu qygtavuilyb, rbn bn svobhru gzkve, yzivd vw jsfxn lqmms. Nqu wx tngbhmr corqo, Bt aa gzohqu ksmh xqrm, Aag zb kgolpez pydts, daik eozk vv msbr lase bo gkv qbxalqov os prb: phr sa tpe Vqwoxm if bhm brjzbxbny qs vohuzgrxd oqtp lvjyh wxala, bct gkv pygek jeqnt vkfogglpeveq zzhr ltjwnoee: vf hrbs eisbeeb rzch, fazsb ig plgd aanm av envp tske, opezeob ns wnsl ilealv ncbd if mvmrl hjgogcw wf leprthshn. Svd bhbxxv gx adeags fsvou hf s oevtyh wwbx, ywb iv texkv, gx tzqns tudk wx zonmrviaj kvo pojs, tpe slis wnsl ilealv sm vbtlte inq ozhdee tm ivcehrgow afl acgzhehow ufbo bhr her.
Seems like a bunch of nonsense, right? Well a quick glance we can see some text that resembles our expected password format. So I drop this encoded text into decode.fr as well. The site recognizes the text as encrypted with the Vigenère cipher, another cipher format that CTF players may be familiar with as it tends to show up from time to time. From Wikipedia: The Vigenère cipher is a method of encrypting alphabetic text by using a series of interwoven Caesar ciphers, based on the letters of a keyword. So, all we should need to decrypt this text is a keyword. Where would we find something like that? Well, lets again take a look at our source intel: we know that we are investigating a terror group, so could it be something so simple as the name of the organization? Worth a shot. In decode.fr I analyze the encrypted text using Androktasiai as the keyword for the Vigenère cipher, and this turns out to be the correct key. We get the decrypted output:
I hope ere this time you have already found out by the words already spoken (if you are not most dull, ignorant, and foolish) the certain matter of the learned Philosophers blessed stone, whereon Alchemy works, while we endeavor to perfect the imperfect, and that with things more then perfect. And for that nature has delivered us the imperfect only with the perfect, it is our part to make the matter (in the former Chapters declared unto us) more then perfect by our artificial labor. And if we know not the manner of working, what is the cause that we do not see how nature (which of long time has perfected metals) does continually work! Do we not see, that in the Mines through the continual heat that is in the mountains thereof, the grossness of water is so decocted and thickened, that in continuance of time it becomes Argent-vive? And that of the fatness of the earth through the same heat and decoction, Sulphur is engendered! And that through the same heat without intermission continued in them, all metals are engendered of them according to their purity and impurity? and that nature does by decoction alone perfect or make all metals, as well perfect as imperfect? 0 extreme madness! what, I pray you, constrains you to seek to perfect the foresaid things by strange melancholical and fantastical regiments! as one says: Woe to you that will overcome nature, and make metals more then perfect by a new regiment, or work sprung from your own senseless brains. God has given to nature a straight way, to wit, continual concoction, and you like fools despise it, or else know it not. ((SoFi-Stadium-33.953417,-118.338863,18)) Again, fire and Azot, are sufficient for you. And in another place, Heat perfects all things. And elsewhere, see, see, see, and be not weary. And in another place, let your fire be gentle, and easy, which being always equal, may continue burning: and let it not increase, for if it does, you shall suffer great loss. And in another place, Know you that in one thing, to wit, the stone, by one way, to wit, decoction, and in one vessel the whole mastery is performed. And in another place, patiently, and continually, and in another place, grind it seven times. And in another place, It is ground with fire, And in another place, this work is very like to the creation of man: for as the Infant in the beginning is nourished with light meats, but the bones being strengthened with stronger: so this mastery also, first it must have an easy fire, whereby we must always work in every essence of decoction. And though we always speak of a gentle fire, yet in truth, we think that in governing the work, the fire must always by little and little be increased and augmented unto the end.
And thus our password:
((SoFi-Stadium-33.953417,-118.338863,18))
:D
https://hacktoria.com/contracts/the-sleeper-cell/
https://www.dcode.fr/vigenere-cipher
