picoCTF - Day 1 - Warm up

Obedient Cat

Overview

• Category: General Skills
• Points: 5

Solution

First download the file, it has no extension associated.

Let’s see what kind of file it is using file command.

file flag
1

It’s ascii.

cat to obtain flag.

cat flag
1

flag: picoCTF{s4n1ty_v3r1f13d_28e8376d}

Mod 26

Overview

• Category: Cryptography
• Points: 10
  

Solution

Basic rot 13 cipher. Go to https://rot13.com/ to obtain flag.

flag: picoCTF{next_time_I'll_try_2_rounds_of_rot13_TLcKBUdK}

Python Wrangling

Overview

• Category: General Skills
• Points: 10
  

Solution

First download all three files.

After checking the python code, it looks like the script can decode the encoded flag using the password file.

Run the python script as there’s usage string.

Pretty straight forward now.

# copy the password string
cat pw.txt

# run the script and paste in the password
python ende.py -d flag.txt.en
1
2
3
4
5

flag: picoCTF{4p0110_1n_7h3_h0us3_dbd1bea4}

Wave a flag

Overview

• Category: General Skills
• Points: 10
  

Solution

First download the file.

It’s elf executable.

Run it.

chmod +x warm
./warm
1
2

Looks like the flag should be in the help info.

./warm -h
1

flag: picoCTF{b1scu1ts_4nd_gr4vy_18788aaa}

information

Overview

• Category: Forensics
• Points: 10

Solution

First download the file. It’s a jpg file. Must use one of the image meta data manipulation tools to check the file.

exiftool cat.jpg
1

This License file looks suspicious. Might be base64 encoded string.

Decode it.

echo -n 'cGljb0NURnt0aGVfbTN0YWRhdGFfMXNfbW9kaWZpZWR9' | base64 -d
1

flag: picoCTF{the_m3tadata_1s_modified}

Nice netcat…

Overview

• Category: General Skills
• Points: 15

Solution

Connect to the server using the command and see.

nc mercury.picoctf.net 22902
1

Looks like ascii numbers. Do a string manipulation and convert them to letters.

Concatenate into one line. Good that they have extra space for us.

nc mercury.picoctf.net 22902 | tr -d '\n' | tee flag.ascii
1

Go to https://codebeautify.org/ascii-to-text to get the flag.

flag: picoCTF{g00d_k1tty!_n1c3_k1tty!_d3dfd6df}

Summary

Day 1 out. Pretty straight forward and easy, hence warm up. Tomorrow we’re going to be facing harder ones involving reverse engineering problems. Game’s on.