Skip to content
CTF

CTF Cryptography Reference

Common ciphers, encoding, and crypto challenges

Encoding Detection

Identify Encoding Type

TEXT 
Base64: Ends with = or ==, characters A-Za-z0-9+/
Base32: Uppercase + numbers 2-7, often ends with ===
Hex: Only 0-9 and a-f/A-F
Binary: Only 0 and 1
URL: Contains %XX patterns

Base Encodings

Base64

BASH 
# Decode
echo "SGVsbG8gV29ybGQ=" | base64 -d
base64 -d file.txt

# Encode
echo "Hello" | base64

Base32

BASH 
# Decode
echo "JBSWY3DPEB3W64TMMQ======" | base32 -d

# Encode
echo "Hello" | base32

Base58 (Bitcoin)

PYTHON 
# Python
import base58
base58.b58decode("encoded_string")

Hex

BASH 
# Decode
echo "48656c6c6f" | xxd -r -p

# Encode
echo -n "Hello" | xxd -p

Classical Ciphers

Caesar/ROT

BASH 
# ROT13
echo "Uryyb" | tr 'A-Za-z' 'N-ZA-Mn-za-m'

# ROT with custom shift (use keysec.in)
# Try ROT1-25 if unknown shift

Vigenère

TEXT 
Key repeats: KEYKEYKEYKEY
Plaintext:   HELLO WORLD
Ciphertext:  encrypted

Tools: dcode.fr, keysec.in,
If key unknown, try frequency analysis

Atbash

TEXT 
A↔Z, B↔Y, C↔X...
echo "SVOOL" | tr 'A-Z' 'ZYXWVUTSRQPONMLKJIHGFEDCBA'

Substitution Cipher

TEXT 
Use frequency analysis
E, T, A, O, I, N are most common
quipqiup.com for auto-solve

Modern Crypto

RSA

PYTHON 
# If n can be factored
from Crypto.Util.number import long_to_bytes
import gmpy2

# Known: n, e, c
# Find p, q (factordb.com)
phi = (p-1) * (q-1)
d = gmpy2.invert(e, phi)
m = pow(c, d, n)
plaintext = long_to_bytes(m)

# Common attacks:
# - Small e (e=3): cube root attack
# - Common modulus
# - Wiener attack (large e)
# - Fermat factorization (p≈q)

XOR

PYTHON 
# Single byte XOR
from pwn import xor
result = xor(ciphertext, key)

# Find key with frequency analysis
# Look for common byte (space=0x20)

AES

PYTHON 
from Crypto.Cipher import AES

# ECB mode (no IV)
cipher = AES.new(key, AES.MODE_ECB)
plaintext = cipher.decrypt(ciphertext)

# CBC mode
cipher = AES.new(key, AES.MODE_CBC, iv)
plaintext = cipher.decrypt(ciphertext)

Hash Cracking

Identify Hash

BASH 
hashid "hash_string"
hash-identifier

Common Hash Lengths

TEXT 
MD5:     32 hex chars
SHA1:    40 hex chars
SHA256:  64 hex chars
SHA512:  128 hex chars

Crack with Hashcat

BASH 
# MD5
hashcat -m 0 hash.txt wordlist.txt

# SHA1
hashcat -m 100 hash.txt wordlist.txt

# SHA256
hashcat -m 1400 hash.txt wordlist.txt

Crack with John

BASH 
john --format=raw-md5 hash.txt
john --wordlist=rockyou.txt hash.txt

Online Lookup

TEXT 
crackstation.net
hashes.com
md5decrypt.net

Tools

KeySec

TEXT 
https://keysec.in/

RsaCtfTool

BASH 
python RsaCtfTool.py --publickey pub.pem --private
python RsaCtfTool.py --publickey pub.pem -n N -e E --uncipher CIPHER

dCode

TEXT 
dcode.fr - Many cipher solvers

Quick Identification

TEXT 
Weird characters: Substitution or transposition
Repeating patterns: XOR or Vigenère  
Numbers only: Decimal ASCII or phone keypad
Large numbers: RSA or modular arithmetic
== at end: Base64
=== at end: Base32
Back to Cheatsheets
On this page