[picoCTF] General Skills

Super SSH

╰─$ ssh -p 58403 ctf-player@titan.picoctf.net                                                                                                                                              255 ↵
The authenticity of host '[titan.picoctf.net]:58403 ([3.139.174.234]:58403)' can't be established.
ED25519 key fingerprint is SHA256:4S9EbTSSRZm32I+cdM5TyzthpQryv5kudRP9PIKT7XQ.
This key is not known by any other names
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
Warning: Permanently added '[titan.picoctf.net]:58403' (ED25519) to the list of known hosts.
ctf-player@titan.picoctf.net's password:
Welcome ctf-player, here's your flag: picoCTF{s3cur3_c0nn3ct10n_07a987ac}
Connection to titan.picoctf.net closed.

MagiKarp Ground Mission

흩어져있는 flag 파일을 찾는 문제

╰─$     ssh ctf-player@venus.picoctf.net -p 59675                                                                                                                                          130 ↵
The authenticity of host '[venus.picoctf.net]:59675 ([3.131.124.143]:59675)' can't be established.
ED25519 key fingerprint is SHA256:P1f6h95BrSVnJbm2AKhphfHHGEyAeThib/rN/AwKs24.
This key is not known by any other names
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
Warning: Permanently added '[venus.picoctf.net]:59675' (ED25519) to the list of known hosts.
ctf-player@venus.picoctf.net's password:
Welcome to Ubuntu 18.04.5 LTS (GNU/Linux 5.4.0-1041-aws x86_64)

 * Documentation:  <https://help.ubuntu.com>
 * Management:     <https://landscape.canonical.com>
 * Support:        <https://ubuntu.com/advantage>
This system has been minimized by removing packages and content that are
not required on a system that users do not log into.

To restore this content, you can run the 'unminimize' command.

The programs included with the Ubuntu system are free software;
the exact distribution terms for each program are described in the
individual files in /usr/share/doc/*/copyright.

Ubuntu comes with ABSOLUTELY NO WARRANTY, to the extent permitted by
applicable law.

# 1of3.flag.txt
ctf-player@pico-chall$ cat 1of3.flag.txt
picoCTF{xxsh_

# 2of3.flag.txt
ctf-player@pico-chall$ cd /
ctf-player@pico-chall$ ls
2of3.flag.txt  bin  boot  dev  etc  home  instructions-to-3of3.txt  lib  lib64	media  mnt  opt  proc  root  run  sbin	srv  sys  tmp  usr  var
ctf-player@pico-chall$ cat /2of3.flag.txt
0ut_0f_\\/\\/4t3r_

# 3of3.flag.txt
ctf-player@pico-chall$ cd ~
ctf-player@pico-chall$ ls
3of3.flag.txt  drop-in
ctf-player@pico-chall$ ls -al
total 32
drwxr-xr-x 1 ctf-player ctf-player 4096 Apr  4 07:06 .
drwxr-xr-x 1 root       root       4096 Mar 16  2021 ..
drwx------ 2 ctf-player ctf-player 4096 Apr  4 07:06 .cache
-rw-r--r-- 1 ctf-player ctf-player   80 Mar 16  2021 .profile
drw------- 1 ctf-player ctf-player 4096 Mar 16  2021 .ssh
-rw-r--r-- 1 ctf-player ctf-player   10 Mar 16  2021 3of3.flag.txt
drwxr-xr-x 1 ctf-player ctf-player 4096 Mar 16  2021 drop-in
ctf-player@pico-chall$ cat 3of3.flag.txt
c1754242}

 

Lets Warm Up

0x70에 해당하는 ASCII 문자를 물어보는 문제

 

WarmUp

0x3D에 해당하는 10진수를 물어보는 문제

 

참조

• https://www.rapidtables.com/convert/number/hex-to-decimal.html

First Find

주어진 폴더에서 “uber-secret.txt” 라는 숨겨진 파일을 찾는 문제

╭─jako@prompt-pro ~/private/cyber/picoctf/files
╰─$ find ./ -name "uber-secret.txt" 2>/dev/null
.//adequate_books/more_books/.secret/deeper_secrets/deepest_secrets/uber-secret.txt
╭─jako@prompt-pro ~/private/cyber/picoctf/files
╰─$ cat .//adequate_books/more_books/.secret/deeper_secrets/deepest_secrets/uber-secret.txt
picoCTF{f1nd_15_f457_ab443fd1}

 

 

Big Zip

주어진 폴더에 다량의 텍스트와 폴더가 있을때 특정 문자열을 찾는 문제이다. “grep” 명령어를 이용해 재귀적 탐색으로 해결하자.

╭─jako@prompt-pro ~/private/cyber/picoctf/big-zip-files
╰─$ grep -r "picoCTF" ./                                                                                                                                                                     1 ↵
.//folder_pmbymkjcya/folder_cawigcwvgv/folder_ltdayfmktr/folder_fnpfclfyee/whzxrpivpqld.txt:information on the record will last a billion years. Genes and brains and books encode picoCTF{gr3p_15_m4g1c_ef8790dc}

 

chrono

Use ssh to connect to this server: Server: saturn.picoctf.net Port: 53279
Username: picoplayer
Password: 5wf1w1hVxt
ssh picoplayer@saturn.picoctf.net -p 53279

 

리눅스 서버에서 자동화를 파일이 무엇인지 물어보는 문제. 제공된 서버의 crontab 파일을 읽으면 flag가 있음

 

 

money-ware

문제에서 요구하는 답을 입력하면됨, 문제를 읽고 ransomeware인줄 알았으나 아님

The first letter of the malware name should be capitalized and the rest lowercase. Your friend just got hacked and has been asked to pay some bitcoins to 1Mz7153HMuxXTuR2R1t78mGSdzaAtNbBWX. He doesn’t seem to understand what is going on and asks you for advice. Can you identify what malware he’s being a victim of?

picoCTF{Petya}