Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Great post, thoroughly enjoyed reading it.

BTW, on a side note, when you try and visit the blog's homepage[0] and scroll down to the bottom, you find a link to an actual (password protected) PDF file called Mango.pdf[1]. The author 'Alex' says the password for the PDF has been embedded in the page and it didn't take me a lot of time to figure the password out from the HTML source[2].

But when I opened the PDF, I was hit with this random string of characters:

cGJhdGVuZ2h5bmd2YmFmLCBsYmggZmJ5aXJxIHpsIHlodnR2IGNobW15ci4gQCB6ci BiYSBnanZnZ3JlIGp2Z3UgbGJoZSBzbmliaGV2Z3IgcXJmZnJlZyBnYiB0cmcgbGJo ZSBlcmpuZXEuIFZnJ2YgeXZ4ciwgYWJnIG4gaXJlbCB0YmJxIGVyam5lcSBmYiBodQ o=

I tried to decode this using every available decoder, but it only throws up random result. Was wondering if any of you smart people here had any idea about this code.

[0] https://mango.pdf.zone/

[1] https://mango.pdf.zone/mango.pdf

[2] view-source:https://mango.pdf.zone/

EDIT: SOLVED IT!

As the commenters who replied to me mentioned, this puzzle is double-encoded. I think the trick is to figure out which decoder to use first.



CyberChef[0] has a 'magic' decoder that tries out different encodings for you.

[0] https://gchq.github.io/CyberChef/#recipe=Magic(3,false,false...


There are two layers to that encoding. When you see a random string of characters and numbers ending with one or two equals signs, think of base64. Then when you see something that seems like word groups with spaces, think of rot* (* = 13 being the most common version) encoding.


Thank you. I solved it. My decoding sequence was wrong before (I was trying to decode in reverse), but your pointers helped me.


I decoded it probably in the same way you tried, but I wouldn't call the result "random" in the space of possibilities. A random result of that kind of decoding would likely involve binary data that can't map cleanly to letters the way this did. You've just gotta go deeper!


Hint: try ROT13.


Quick posix shell rot13 tip: pipe it into:

tr '[A-Za-z]' '[N-ZA-Mn-za-m]'


Also sometimes useful is vim: `g?` ... it's useful to have "scrambled" lines in notes for protection against casual disclosure.

Vim used to have a (terrible) encryption capability, but lately I've been fairly happy with `pass` (passwordstore.org) for basic local encryption.


There's a rot13 command in the bsdgames package on Ubuntu. Or you could just create an alias. Not sure if the command takes file input.


Thank you. Tried that as well, still throws up a string of letters and numbers. But the frequency this time seemed a bit more consistent, so the trick is to apply some sort of frequency analysis, I guess. Still on it.

BTW, are there any more of such 'puzzle hunt' websites where you could play around and sharpen your decoding skills? Thanks!


Here's a list: https://gist.github.com/numberwhun/d85075f4f63411bafa1c6e40e...




Consider applying for YC's Winter 2026 batch! Applications are open till Nov 10

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: