RSAC picoCTF Guide

Previous Level Guide: CC Strings

COLOR-CRYPTO-KEYS

Name: COLOR-CRYPTO-KEYS
Description: The mysterious picoCTF designer has encrypted all our files, but we've found this web page we think could unlock it. Can you find the key? The mysterious webpage is here.
Type: Forensics
Challenge from: RSAC picoCTF 2025
Hints:
1. Beauty is in the bytes of the beholder.
2. It's sad the color #c0ffee isn't black like coffee.
3. It's also sad that #c0ffee actually spells Àÿî in extended ASCII.

Theory

According to the description, to get the flag we have to find it encrypted in some place in the website we're given. This doesn't give us much more info than that, so let's go to the website and find out over on the solution.

Solution

So let's enter to the website and see what might be hiding here:

Nothing interesting there let's look at the code of the webpage:

Yeah, it seems the colors are actually decimal characters disguised between the rgb css function for colors, but yeah, we'll just grab those numbers and remove the 0 NULL characters at the end there, and we get this:

DECIMAL TO TEXT (online converter)

INPUT: 99, 111, 108, 111, 114, 105, 115, 116, 104, 101, 107, 101, 121

OUTPUT: coloristhekey

There we go! That's the flag.

Don't be dumb like me and put the flag format around the coloristhekey thing, because you don't need it, and I was for an hour looking for why it wouldn't let me enter the flag, until someone in the discord server told me that you don't need to wrap it around the picoCTF{}, it's just that by itself.