This is a medium level cryptography challenge
We are given a .csr file. I looked around on the web trying to find information about what a CSR file is and got myself familiar to it.
I spawned the webshell in picoctf, used wget to download the file and checked what type of file it was.
file readmycert.csr
It was a PEM file. A PEM file is a Base64-encoded container format that stores cryptographic keys, certificates, or other data enclosed between header and footer lines.
Now I knew I had to use OpenSSL to check the file and its contents.
I used the command:
openssl req -in readmycert.csr -noout -text
I found the flag in the contents of that file.
Happy hacking!
Top comments (0)