The file message.txt seems to contain a base64 string, but when decoding it, we receive another base64 string. Let’s check the other file to understand what is going on.
The file hide.pyo is a compiled python object file. We can decompile it using the uncompyle2 package.
We add some comment in order to understand what is going on:
So we are dealing with multiple passes of base64. The easiest way is to read the file message.txt and iterate a base64 decoding, until an exception is raised (meaning that the string is no longer in base64, so it is the original string).
So we tried the super-famous correcthorsebatterystaple as the flag but it didn’t work. The other one was Tr0ub4dor&3 and it worked, so this is our flag.