(misc) SnakeCTF2025 - The Real Crypto Master
Category: osint
Author: Federico Bertossi (mrByMax)
Description
It’s common sense that “crypto” stands for “cryptocurrency”. With my masterclass you will learn everything you need to be like me! You only need to find me :)
Important: This challenge is a multi-part challenge, also, remember to add { in the right place!
Disclaimer: Organisers’ personal websites are out of scope. There’s no need to code anything to solve this challenge. Every attack directed to any website with the purpose of solving this challenge is forbidden and will result in a ban. If in doubt, open a ticket!
Writeup
Analyzing “osint_crypto.zip”
The provided archive osint_crypto.zip contains a public .csv file, expenses.csv, with a list of various expenses our target has made during March 2025. But the zip archive contains a hidden .DS_Store file.
Unzipping every file solves the problem easily and we can now see the new file, .DS_Store. Reading it with a text editor quickly reveals the username @bepifrico.
Using the sherlock tool with the given username, we discover several accounts, including Youtube and Letterboxd.
Youtube channel
Youtube looked like an approachable route (I thought about “crypto online courses”… I wasn’t supposed to find it this way, but it worked). On the youtube channel there is a livestream broadcasting morse code.
I managed to write out what I heard and got this:
... -. .- -.- . -.-. - ..-. ....- -- -- ....- .-. ...-- -.-. .... .---- ....- .-. ----- -. ..- -. --... ...-- ..-. ....- .---- ...-- --... .-. ..- ...- ....-
Used a web decoder and this was the first part of the flag:
SNAKECTF4MM4R3CH14R0NUN73F4137RUV4
Which is clearly referring to the song “Marechià” by Nu Genea, neapolitan singer (and amazing song too)!
Letterboxd profile
The live was about some “film review” and I immediately thought letterboxd kept our next part of the flag. The letterboxd profile contains a single, easy-to-find review that contains the second part of the flag:
_1V3_41W4Y5_W4N73D_70_54Y_F14M3_0N}
After merging the two separate parts we got from Youtube and Letterboxd and adding the “snakeCTF{” prefix, we obtain our definitive flag.
blog 
event 
asm 
writeup 
K!nd4SUS2025 
competition 
CTF 
crypto 
misc