
Raptor Weekly 2 - ECHELON Crypto 1 - 2.2 ; DEAD DROP

Extracting an RC4 key hidden in a request ID header from the Tier 2 network capture and using it to decrypt an intercepted message that reveals the second half of a JWT signing secret.

2.2 ; DEAD DROP

Challenge Description

An encrypted message recovered from the ECHELON internal drop point. The decryption key was already in your hands.

Files provided: message.rc4

Required: intercept.pcap from 2.1 ; INTERCEPT


Overview

The file is RC4-encrypted. The key is not provided directly: it is embedded in the INTERCEPT PCAP from 2.1 as the value of the X-Request-ID response header in the authentication exchange. Decrypting the message yields JWT_PT2, the second half of the JWT secret needed in 2.3 ; SIGNED.


Step 1: Find the Key

Go back to intercept.pcap. The server's response to POST /api/v1/auth carries an X-Request-ID header that was irrelevant to the previous challenge. Read it now:

X-Request-ID: 4a9c2f81

This 8-character string is the RC4 key. Note the encoding: the key is the eight ASCII bytes of the header value as written ("4a9c2f81"), not the four bytes you would get by hex-decoding it. RC4 accepts either key length and will happily produce output for both, but only the ASCII form yields the plaintext.
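Step 1 is normally done by eye in Wireshark. As an added example (not part of the original writeup), here is a small Python parser that pulls a named header out of every HTTP/1.x response in a classic pcap file, run against a constructed capture. Everything in that capture is made up (the two-packet exchange, the ports, the Host header, the response body) except the X-Request-ID value, which is the one from the page. The parser handles Ethernet/IPv4/TCP only and does no TCP reassembly, so a response whose headers span several segments would be missed; on the real file, `tshark -r intercept.pcap -Y http.response -V` is the quicker route.

```python
"""
Added example: extract a named HTTP response header from a classic pcap
(libpcap format, Ethernet link type) without Wireshark.
"""
import struct

PCAP_MAGIC_LE = 0xA1B2C3D4   # microsecond-resolution pcap, little-endian
LINKTYPE_ETHERNET = 1
ETHERTYPE_IPV4 = 0x0800
IPPROTO_TCP = 6

def tcp_segments(pcap: bytes):
    """Yield (src_port, dst_port, payload) for every TCP segment in the capture."""
    magic, = struct.unpack_from("<I", pcap, 0)
    if magic != PCAP_MAGIC_LE:
        raise ValueError("not a little-endian classic pcap (pcapng / big-endian not handled)")
    linktype, = struct.unpack_from("<I", pcap, 20)
    if linktype != LINKTYPE_ETHERNET:
        raise ValueError(f"unsupported link type {linktype}")
    off = 24                                   # end of the 24-byte global header
    while off + 16 <= len(pcap):
        _ts_sec, _ts_usec, incl_len, _orig_len = struct.unpack_from("<IIII", pcap, off)
        frame = pcap[off + 16 : off + 16 + incl_len]
        off += 16 + incl_len
        if len(frame) < 34 or struct.unpack_from("!H", frame, 12)[0] != ETHERTYPE_IPV4:
            continue
        ip = frame[14:]
        ihl = (ip[0] & 0x0F) * 4
        total_len, = struct.unpack_from("!H", ip, 2)
        if ip[9] != IPPROTO_TCP:
            continue
        tcp = ip[ihl:total_len]                # total_len drops any Ethernet padding
        sport, dport = struct.unpack_from("!HH", tcp, 0)
        data_off = (tcp[12] >> 4) * 4
        yield sport, dport, tcp[data_off:]

def find_response_header(pcap: bytes, name: str) -> list[tuple[int, str]]:
    """Return (server port, value) for each HTTP/1.x response carrying header `name` (case-insensitive)."""
    want = name.lower().encode() + b":"
    hits = []
    for sport, _dport, payload in tcp_segments(pcap):
        if not payload.startswith(b"HTTP/1."):
            continue                           # requests and non-HTTP traffic
        head = payload.split(b"\r\n\r\n", 1)[0]
        for line in head.split(b"\r\n")[1:]:   # skip the status line
            if line.lower().startswith(want):
                hits.append((sport, line.split(b":", 1)[1].strip().decode()))
    return hits

def build_pcap(segments) -> bytes:
    """Constructed capture: one Ethernet/IPv4/TCP frame per (sport, dport, payload); checksums left zero."""
    out = bytearray(struct.pack("<IHHiIII", PCAP_MAGIC_LE, 2, 4, 0, 0, 65535, LINKTYPE_ETHERNET))
    for sport, dport, payload in segments:
        tcp = struct.pack("!HHIIBBHHH", sport, dport, 1, 1, 5 << 4, 0x18, 65535, 0, 0) + payload
        ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp), 0, 0x4000, 64, IPPROTO_TCP, 0,
                         bytes([10, 0, 0, 2]), bytes([10, 0, 0, 1])) + tcp
        eth = bytes(12) + struct.pack("!H", ETHERTYPE_IPV4) + ip
        out += struct.pack("<IIII", 0, 0, len(eth), len(eth)) + eth
    return bytes(out)

# Constructed two-packet exchange standing in for intercept.pcap: ports, Host
# and body are made up; only the X-Request-ID value is the one from the capture.
SAMPLE_PCAP = build_pcap([
    (51234, 8080, b"POST /api/v1/auth HTTP/1.1\r\nHost: echelon.local\r\nContent-Length: 0\r\n\r\n"),
    (8080, 51234, b"HTTP/1.1 200 OK\r\nContent-Type: application/json\r\n"
                  b"X-Request-ID: 4a9c2f81\r\nContent-Length: 2\r\n\r\n{}"),
])

if __name__ == "__main__":
    import sys
    data = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else SAMPLE_PCAP
    for port, value in find_response_header(data, "X-Request-ID"):
        print(f"server port {port}: X-Request-ID = {value}")
```

Run it with no arguments to see it pick the header out of the constructed capture, or pass a pcap path to run it on a real file. Matching on the status line prefix is what keeps request headers (Host, for instance) out of the results.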


Step 2: Decrypt

RC4 is a symmetric stream cipher: encryption and decryption are the same operation (XOR with the keystream), so one routine does both. Implement it directly or use any standard crypto library:

def rc4(key, data):
    # Accept the key as str or bytes
    key = [b for b in (key if isinstance(key, bytes) else key.encode())]
    # Key-scheduling algorithm (KSA): permute S under the key
    S   = list(range(256))
    j   = 0
    for i in range(256):
        j = (j + S[i] + key[i % len(key)]) % 256
        S[i], S[j] = S[j], S[i]
    # Pseudo-random generation (PRGA): XOR each byte with the next keystream byte
    i = j = 0
    out = []
    for byte in data:
        i = (i + 1) % 256
        j = (j + S[i]) % 256
        S[i], S[j] = S[j], S[i]
        out.append(byte ^ S[(S[i] + S[j]) % 256])
    return bytes(out)

ct = open("message.rc4", "rb").read()
pt = rc4(b"4a9c2f81", ct)   # the header value as ASCII bytes, not hex-decoded
print(pt.decode())

Alternatively: CyberChef (https://gchq.github.io/CyberChef) with the RC4 operation and key 4a9c2f81 entered in UTF-8 mode (not Hex, which would turn it into a different 4-byte key).


Step 3: Extract JWT_PT2

The decrypted message contains:

SESSION KEY FRAGMENT ; PART 2 OF 2
VALUE ; ession.key.2026!
FLAG ; ECHELON{the_key_was_in_the_packet}

The value ession.key.2026! is JWT_PT2 in plaintext. Combined with JWT_PT1 from 2.1, the full JWT secret is:

echelon.node07.session.key.2026!

Bring both halves to 2.3 ; SIGNED.
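Steps 2 and 3 end to end, as an added example (not the writeup's own code): it tries both byte encodings of the header value, keeps the one whose RC4 output reads as text, parses the "NAME ; value" lines of the drop, and joins the fragment to JWT_PT1. Assumptions: JWT_PT1 is taken to be "echelon.node07.s", inferred from the full secret shown above; message.rc4 is replaced by a constructed ciphertext (the Step 3 plaintext encrypted under the ASCII key) so the script runs offline. Pass a real file path as the first argument to use it instead.

```python
"""
Added example: decrypt the drop with the X-Request-ID key and pull out the
JWT fragment, checking the one thing that actually goes wrong in practice:
feeding RC4 the wrong byte encoding of the key.
"""
import string
import sys

def rc4(key: bytes, data: bytes) -> bytes:
    """Plain RC4: key scheduling (KSA), then keystream XOR (PRGA). Same call encrypts and decrypts."""
    S = list(range(256))
    j = 0
    for i in range(256):
        j = (j + S[i] + key[i % len(key)]) & 0xFF
        S[i], S[j] = S[j], S[i]
    i = j = 0
    out = bytearray()
    for b in data:
        i = (i + 1) & 0xFF
        j = (j + S[i]) & 0xFF
        S[i], S[j] = S[j], S[i]
        out.append(b ^ S[(S[i] + S[j]) & 0xFF])
    return bytes(out)

REQUEST_ID = "4a9c2f81"            # the header value from intercept.pcap
JWT_PT1 = "echelon.node07.s"       # first half from 2.1, as implied by the full secret in this writeup

# The header looks like hex, so there are two plausible ways to turn it into key bytes.
KEY_CANDIDATES = {
    "ascii": REQUEST_ID.encode(),        # 8 bytes: the literal header text (the right one here)
    "hex":   bytes.fromhex(REQUEST_ID),  # 4 bytes: the header hex-decoded
}

_PRINTABLE = set(string.printable.encode())

def looks_like_text(data: bytes, threshold: float = 0.95) -> bool:
    """Crude plaintext detector: nearly every byte is printable ASCII or whitespace."""
    return bool(data) and sum(b in _PRINTABLE for b in data) / len(data) >= threshold

def plausible_decryptions(ct: bytes) -> dict[str, bytes]:
    """Try every key encoding and keep the outputs that look like text."""
    hits = {}
    for name, key in KEY_CANDIDATES.items():
        pt = rc4(key, ct)
        if looks_like_text(pt):
            hits[name] = pt
    return hits

def parse_fragment(pt: bytes) -> dict[str, str]:
    """Parse the 'NAME ; value' lines of the decrypted drop into a dict."""
    fields = {}
    for line in pt.decode("ascii").splitlines():
        if " ; " in line:
            name, value = line.split(" ; ", 1)
            fields[name.strip()] = value.strip()
    return fields

def recover_secret(ct: bytes, jwt_pt1: str = JWT_PT1) -> tuple[str, str, str]:
    """Return (key encoding that worked, full JWT secret, flag); raise if the key is ambiguous."""
    hits = plausible_decryptions(ct)
    if len(hits) != 1:
        raise ValueError(f"expected exactly one plausible key encoding, got {sorted(hits)}")
    (encoding, pt), = hits.items()
    fields = parse_fragment(pt)
    return encoding, jwt_pt1 + fields["VALUE"], fields["FLAG"]

# Constructed stand-in for message.rc4 so the example runs offline: the
# plaintext shown in Step 3, encrypted under the ASCII form of the key.
_PLAINTEXT = (b"SESSION KEY FRAGMENT ; PART 2 OF 2\n"
              b"VALUE ; ession.key.2026!\n"
              b"FLAG ; ECHELON{the_key_was_in_the_packet}\n")
MESSAGE_RC4 = rc4(KEY_CANDIDATES["ascii"], _PLAINTEXT)

if __name__ == "__main__":
    ct = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else MESSAGE_RC4
    encoding, secret, flag = recover_secret(ct)
    print(f"key encoding: {encoding}\nJWT secret:   {secret}\nflag:         {flag}")
```

The printable-ratio check is deliberately crude: with a 4-byte key that is not the real one, RC4 output is indistinguishable from random bytes, and random bytes are printable ASCII only about 40% of the time, so the wrong encoding is rejected without any knowledge of the message format.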


Key Takeaways

RC4 is broken for modern use: its keystream is statistically biased (the first bytes especially), and building keys by concatenating a public IV with a fixed secret, as WEP did, lets an attacker recover the secret from enough captured packets. For a CTF the relevant lesson is simpler: leaving artifacts like request IDs, correlation tokens, or session identifiers in traffic means the capture itself becomes a keying-material leak. Every field in a network capture is potentially meaningful to an attacker who has also seen the corresponding ciphertext.


Flag

ECHELON{the_key_was_in_the_packet}
