SLEEPING (MARBLE) BEAUTY – CTF Writeup

Writeup for the Sleeping (Marble) Beauty challenge by TheZeal0t involving light steganography and a ROT47 substitution cipher.

Category: Misc • Crypto/Stego
Points: 75
Creator: TheZeal0t
Source: Phantastes — George MacDonald


Overview

“Sleeping (Marble) Beauty” blends light steganography with a classic substitution cipher.
The challenge hints toward a ROT47-style shift operating within the printable ASCII range.

Objective:

Decode the hidden recommendation and submit the result in the format
flag{...}


Challenge Information

  • File Size: 4 KB
  • SHA1: fb0cc233849c7a83f7536389eec6346f881fbd2c

Encoded string:

( . # ) = u * M 1 * M M M y 1 7 M 5 * 1 7 . & M * # 8 ' M . ' 6 M * ' 4 M s l e e p M b r o A M Z o ?
 

Understanding ROT47

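ROT47 rotates characters within the ASCII range 33–126, which covers the 94 printable non-space characters. Classic ROT47 uses a fixed shift of 47; the general form below accepts any shift within the same window.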

Formula:

out = 33 + ((ord(c) - 33 + shift) % 94)
 

Unlike ROT13 (alphabet-only), ROT47 applies to numbers, punctuation, and symbols as well.

Since the shift was not explicitly given, brute forcing was the simplest approach.


Python Brute-Force Script

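def rot47(char, shift):
    # Rotate only characters inside the printable window 33-126 (94 symbols).
    if 33 <= ord(char) <= 126:
        return chr(33 + ((ord(char) - 33 + shift) % 94))
    # Anything else (here: the spaces) passes through unchanged.
    return char

def decode_rot47(encoded_str, shift):
    return ''.join(rot47(c, shift) for c in encoded_str)

encoded = "( . # ) = u * M 1 * M M M y 1 7 M 5 * 1 7 . & M * # 8 ' M . ' 6 M * ' 4 M s l e e p M b r o A M Z o ?"

# Try every non-trivial shift in the 94-character window.
for s in range(1, 94):
    dec = decode_rot47(encoded, s)
    # The spaces are presentation only; drop them for readability.
    print(f"Shift {s}: {dec.replace(' ', '')}")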
 

Running through shifts quickly reveals readable plaintext.
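
As an added example (not part of the original writeup), the shift can also be derived directly rather than picked out of the brute-force listing by eye. It assumes the plaintext begins with the flag{ prefix from the submission format, so every prefix character must imply the same shift; shift_from_crib and solve are hypothetical helper names.

```python
# Added example: known-plaintext (crib) recovery of the shift.
LOW, HIGH = 33, 126            # printable window used in the writeup
SPAN = HIGH - LOW + 1          # 94 characters

ENCODED = "( . # ) = u * M 1 * M M M y 1 7 M 5 * 1 7 . & M * # 8 ' M . ' 6 M * ' 4 M s l e e p M b r o A M Z o ?"
CRIB = "flag{"                 # assumption: plaintext starts with the flag prefix


def in_window(ch):
    return LOW <= ord(ch) <= HIGH


def shift_text(text, shift):
    """Rotate every character inside the window; leave the rest untouched."""
    return "".join(
        chr(LOW + (ord(c) - LOW + shift) % SPAN) if in_window(c) else c
        for c in text
    )


def shift_from_crib(ciphertext, crib):
    """Return the one shift mapping the ciphertext prefix onto crib, else None."""
    prefix = ciphertext[:len(crib)]
    if len(prefix) < len(crib) or not all(map(in_window, prefix + crib)):
        return None
    # Each (plain, cipher) pair votes for a shift; a uniform cipher gives one value.
    votes = {(ord(p) - ord(c)) % SPAN for p, c in zip(crib, prefix)}
    return votes.pop() if len(votes) == 1 else None


def solve(encoded=ENCODED, crib=CRIB):
    compact = encoded.replace(" ", "")   # spacing is presentation only
    shift = shift_from_crib(compact, crib)
    if shift is None:
        raise ValueError("crib does not fit a single uniform shift")
    plaintext = shift_text(compact, shift)
    if not plaintext.endswith("}"):      # sanity check against the flag format
        raise ValueError("decoded text does not close the flag format")
    return shift, plaintext


if __name__ == "__main__":
    print(solve())
```

If the crib characters disagree on the shift, the function returns None, which signals that the text is not a single uniform rotation and the brute-force listing (or a different cipher) should be considered instead.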


Decoded Output

Uh-oh---You-should-have-let-her-SLEEP-BRO!-:O
 

Final Flag

flag{Uh-oh---You-should-have-let-her-SLEEP-BRO!-:O}
 

Key Takeaways

  • ROT47 extends substitution across the full printable ASCII range.
  • Brute-forcing shifts is efficient when the character window is known.
  • Thematic challenge names often hint toward the final phrase.
  • Simple ciphers remain effective when layered with spacing and presentation tricks.