Obedient Cat π
This file has a flag in plain sight (aka “in-the-clear”)
Solution
$ curl https://mercury.picoctf.net/static/0e428b2db9788d31189329bed089ce98/flag
Flag: picoCTF{s4n1ty_v3r1f13d_2fd6ed29}
Python Wrangling π
Python scripts are invoked kind of like programs in the Terminal… Can you run this Python script using this password to get the flag?
Solution
Provided python script does encryption/decryption using the Fernet module.
To decrypt flag.txt.en, simply run:
$ python3 ende.py -d flag.txt.en $(cat pw.txt)
Flag: picoCTF{4p0110_1n_7h3_h0us3_ac9bd0ff}
Wave a flag π
Can you invoke help flags for a tool or binary? This program has extraordinarily helpful information…
Solution
Flag can be retrieved by entering the -h parameter. Or alternatively, using strings.
$ ./warm -h
Flag: picoCTF{b1scu1ts_4nd_gr4vy_f0668f62}
Nice netcat π
There is a nice program that you can talk to by using this command in a shell: $ nc mercury.picoctf.net 21135, but it doesn’t speak English…
Solution
After connecting to the server with netcat and pressing enter, we receive a bunch of numbers to the stdout. These are decimal representations of ascii characters. Converting it from decimal to string gives us the final flag.
for n in $(echo | nc mercury.picoctf.net 21135); do
printf "\\$(printf %03o "$n")";
done
Flag: picoCTF{g00d_k1tty!_n1c3_k1tty!_afd5fda4}
Static ain’t always noise π
Can you look at the data in this binary: static? This BASH script might help!
Solution
The flag is hidden inside the static binary. The provided bash script will extract all readable strings from the binary.
$ ./ltdis.sh static
$ cat static.ltdis.strings.txt | grep pico
Flag: picoCTF{d15a5m_t34s3r_6f8c8200}
Tab, Tab, Attack π
Using tabcomplete in the Terminal will add years to your life, esp. when dealing with long rambling directory structures and filenames: Addadshashanammu.zip
Solution
Tabbing my way through subdirectories and launching the executable
$ ./Addadshashanammu/Almurbalarammi/Ashalmimilkala/Assurnabitashpi/Maelkashishi/Onnissiralis/Ularradallaku/fang-of-haynekhtnamet
Flag: picoCTF{l3v3l_up!_t4k3_4_r35t!_2bcfb2ab}
Magikarp Ground Mission π
Do you know how to move between directories and read files in the shell? Start the container, ssh to it, and then ls once connected to begin. Login via ssh as ctf-player with the password, a13b7f9d
Solution
Parts of the flag are scattered around in different locations inside the container.
We can put together all the pieces by simply catting all the files, or using the paste command.
$ paste -d '' 1of3.flag.txt /2of3.flag.txt ~/3of3.flag.txt
Flag: picoCTF{xxsh_0ut_0f_\/\/4t3r_71be5264}