CTF/picoCTF
[picoCTF] General Skills
j4ko
2024. 4. 5. 01:04
728x90
반응형
Super SSH
╰─$ ssh -p 58403 ctf-player@titan.picoctf.net 255 ↵
The authenticity of host '[titan.picoctf.net]:58403 ([3.139.174.234]:58403)' can't be established.
ED25519 key fingerprint is SHA256:4S9EbTSSRZm32I+cdM5TyzthpQryv5kudRP9PIKT7XQ.
This key is not known by any other names
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
Warning: Permanently added '[titan.picoctf.net]:58403' (ED25519) to the list of known hosts.
ctf-player@titan.picoctf.net's password:
Welcome ctf-player, here's your flag: picoCTF{s3cur3_c0nn3ct10n_07a987ac}
Connection to titan.picoctf.net closed.
MagiKarp Ground Mission
흩어져있는 flag 파일을 찾는 문제
╰─$ ssh ctf-player@venus.picoctf.net -p 59675 130 ↵
The authenticity of host '[venus.picoctf.net]:59675 ([3.131.124.143]:59675)' can't be established.
ED25519 key fingerprint is SHA256:P1f6h95BrSVnJbm2AKhphfHHGEyAeThib/rN/AwKs24.
This key is not known by any other names
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
Warning: Permanently added '[venus.picoctf.net]:59675' (ED25519) to the list of known hosts.
ctf-player@venus.picoctf.net's password:
Welcome to Ubuntu 18.04.5 LTS (GNU/Linux 5.4.0-1041-aws x86_64)
* Documentation: <https://help.ubuntu.com>
* Management: <https://landscape.canonical.com>
* Support: <https://ubuntu.com/advantage>
This system has been minimized by removing packages and content that are
not required on a system that users do not log into.
To restore this content, you can run the 'unminimize' command.
The programs included with the Ubuntu system are free software;
the exact distribution terms for each program are described in the
individual files in /usr/share/doc/*/copyright.
Ubuntu comes with ABSOLUTELY NO WARRANTY, to the extent permitted by
applicable law.
# 1of3.flag.txt
ctf-player@pico-chall$ cat 1of3.flag.txt
picoCTF{xxsh_
# 2of3.flag.txt
ctf-player@pico-chall$ cd /
ctf-player@pico-chall$ ls
2of3.flag.txt bin boot dev etc home instructions-to-3of3.txt lib lib64 media mnt opt proc root run sbin srv sys tmp usr var
ctf-player@pico-chall$ cat /2of3.flag.txt
0ut_0f_\\/\\/4t3r_
# 3of3.flag.txt
ctf-player@pico-chall$ cd ~
ctf-player@pico-chall$ ls
3of3.flag.txt drop-in
ctf-player@pico-chall$ ls -al
total 32
drwxr-xr-x 1 ctf-player ctf-player 4096 Apr 4 07:06 .
drwxr-xr-x 1 root root 4096 Mar 16 2021 ..
drwx------ 2 ctf-player ctf-player 4096 Apr 4 07:06 .cache
-rw-r--r-- 1 ctf-player ctf-player 80 Mar 16 2021 .profile
drw------- 1 ctf-player ctf-player 4096 Mar 16 2021 .ssh
-rw-r--r-- 1 ctf-player ctf-player 10 Mar 16 2021 3of3.flag.txt
drwxr-xr-x 1 ctf-player ctf-player 4096 Mar 16 2021 drop-in
ctf-player@pico-chall$ cat 3of3.flag.txt
c1754242}
Lets Warm Up
0x70에 해당하는 ASCII 문자를 물어보는 문제
WarmUp
0x3D에 해당하는 10진수를 물어보는 문제
참조
First Find
주어진 폴더에서 “uber-secret.txt” 라는 숨겨진 파일을 찾는 문제
╭─jako@prompt-pro ~/private/cyber/picoctf/files
╰─$ find ./ -name "uber-secret.txt" 2>/dev/null
.//adequate_books/more_books/.secret/deeper_secrets/deepest_secrets/uber-secret.txt
╭─jako@prompt-pro ~/private/cyber/picoctf/files
╰─$ cat .//adequate_books/more_books/.secret/deeper_secrets/deepest_secrets/uber-secret.txt
picoCTF{f1nd_15_f457_ab443fd1}
Big Zip
주어진 폴더에 다량의 텍스트와 폴더가 있을때 특정 문자열을 찾는 문제이다. “grep” 명령어를 이용해 재귀적 탐색으로 해결하자.
╭─jako@prompt-pro ~/private/cyber/picoctf/big-zip-files
╰─$ grep -r "picoCTF" ./ 1 ↵
.//folder_pmbymkjcya/folder_cawigcwvgv/folder_ltdayfmktr/folder_fnpfclfyee/whzxrpivpqld.txt:information on the record will last a billion years. Genes and brains and books encode picoCTF{gr3p_15_m4g1c_ef8790dc}
chrono
Use ssh to connect to this server: Server: saturn.picoctf.net Port: 53279
Username: picoplayer
Password: 5wf1w1hVxt
ssh picoplayer@saturn.picoctf.net -p 53279
리눅스 서버에서 자동화를 파일이 무엇인지 물어보는 문제. 제공된 서버의 crontab 파일을 읽으면 flag가 있음
money-ware
문제에서 요구하는 답을 입력하면됨, 문제를 읽고 ransomeware인줄 알았으나 아님
The first letter of the malware name should be capitalized and the rest lowercase. Your friend just got hacked and has been asked to pay some bitcoins to 1Mz7153HMuxXTuR2R1t78mGSdzaAtNbBWX. He doesn’t seem to understand what is going on and asks you for advice. Can you identify what malware he’s being a victim of?
picoCTF{Petya}
728x90
반응형