Obedient Cat 🔗
This file has a flag in plain sight (aka “in-the-clear”)
$ curl https://mercury.picoctf.net/static/0e428b2db9788d31189329bed089ce98/flag
Python Wrangling 🔗
Python scripts are invoked kind of like programs in the Terminal… Can you run this Python script using this password to get the flag?
Provided python script does encryption/decryption using the Fernet module.
flag.txt.en, simply run:
$ python3 ende.py -d flag.txt.en $(cat pw.txt)
Wave a flag 🔗
Can you invoke help flags for a tool or binary? This program has extraordinarily helpful information…
Flag can be retrieved by entering the
-h parameter. Or alternatively, using
$ ./warm -h
Nice netcat 🔗
There is a nice program that you can talk to by using this command in a shell:
$ nc mercury.picoctf.net 21135, but it doesn’t speak English…
After connecting to the server with netcat and pressing enter, we receive a bunch of numbers to the stdout. These are decimal representations of ascii characters. Converting it from decimal to string gives us the final flag.
for n in $(echo | nc mercury.picoctf.net 21135); do printf "\\$(printf %03o "$n")"; done
Static ain’t always noise 🔗
Can you look at the data in this binary: static? This BASH script might help!
The flag is hidden inside the
static binary. The provided bash script will extract all readable strings from the binary.
$ ./ltdis.sh static $ cat static.ltdis.strings.txt | grep pico
Tab, Tab, Attack 🔗
Using tabcomplete in the Terminal will add years to your life, esp. when dealing with long rambling directory structures and filenames: Addadshashanammu.zip
Tabbing my way through subdirectories and launching the executable
Magikarp Ground Mission 🔗
Do you know how to move between directories and read files in the shell? Start the container,
ssh to it, and then
ls once connected to begin. Login via
ctf-player with the password,
Parts of the flag are scattered around in different locations inside the container.
We can put together all the pieces by simply catting all the files, or using the
$ paste -d '' 1of3.flag.txt /2of3.flag.txt ~/3of3.flag.txt