Straightforward, and perhaps classic challenge. This takes advantage of the fact that both images are encrypted using the same xor key. We can leak information of the flag by xor the two ciphertext, or the two files given. There are different snippets of code which can do this, which weirdly is not available online. The following is to do xor on RGB values of pixel by pixel. daneallen from Cryptohack:...
We are given a public RSA key that is used in the X509 certificate for the HTTPS connection to a Cryptohack domain. I solve it in the easy way, and uses a subdomain lookup site. A good one to use is crt.sh, and the query is https://crt.sh/?q=cryptohack.org, or https://subdomains.whoisxmlapi.com/. We can go over the list of subdomains to find the correct subdomain for the solution. We can instead solve this without using this comprehensive list of subdomains....