General Skills

Obedient Cat [5 pts]

Description

This file has a flag in plain sight (aka "in-the-clear"). Download flag

Solution

Open File

Flag: picoCTF{s4n1ty_v3r1f13d_2aa22101}

Python Wrangling [10 pts] [Not Solved]

Description

Python scripts are invoked kind of like programs in the Terminal... Can you run this Python script using this password to get the flag?

Solution

a

Flag:

Wave a Flag [10 pts]

Description

Can you invoke help flags for a tool or binary? This program has extraordinarily helpful information...

Solution

So many ways to do this problem but due to the low value I will go with the easiest one. So if you start and just run ./warm It will print a zsh: permission denied: ./warm The command I use is chmod +x warm or you could use chmod 777 warm Either one works as it gives the file executable rights Now when we run ./warm we get a message back asking us to pass -h To get the flag I ran the command ./warm -h

Flag: picoCTF{b1scu1ts_4nd_gr4vy_30e77291}

Nice netcat... [15 pts]

Description

There is a nice program that you can talk to by using this command in a shell: $ nc mercury.picoctf.net 35652, but it doesn't speak English...

Solution

Running the given command in the terminal will return a lot of numbers. We can determine that it will start with pico so the correlation is 112 105 99 111 = pico and knowing from my programming it was ASCII. Wanting to put some to the test I created code to do the task for me instead of using an online converter.

First I create and open a socket

import socket

hostname = "mercury.picoctf.net"
port = 35652

sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM) # Creates Socket
sock.connect((hostname, port)) # Connects

Receiving and translating the code

def readall():
    global sock
    return sock.recv(100000) # Big number

def dumpall(s):
    flag = ''
    for line in s.split('\n'):
        flag += chr(int(line))
    return flag
    
res = readall().decode().strip()
print(dumpall(res))

sock.shutdown(socket.SHUT_WR) # Closing the connection

Flag: picoCTF{g00d_k1tty!_n1c3_k1tty!_9b3b7392}

Static ain't always noise [20 pts] [Not Solved]

Description

Can you look at the data in this binary: static? This BASH script might help!

Solution

a

Flag:

Tab, Tab, Attack [20 pts] [Not Solved]

Description

Using tabcomplete in the Terminal will add years to your life, esp. when dealing with long rambling directory structures and filenames: Addadshashanammu.zip

Solution

a

Flag:

Magikarp Ground Mission [30 pts] [Not Solved]

Description

Do you know how to move between directories and read files in the shell? Start the container, ssh to it, and then ls once connected to begin. Login via ssh as ctf-player with the password, b60940ca

Solution

a

Flag:

PreviouspicoCTF 2021NextBinary Exploitation

Last updated