Run the runme.py script to get the flag. Download the script with your browser or with wget in the webshell. Download runme.py Python script
oste-picoctf@webshell:~$ wget https://artifacts.picoctf.net/c/92/runme.py
--2022-01-12 20:51:52-- https://artifacts.picoctf.net/c/92/runme.py
Resolving artifacts.picoctf.net (artifacts.picoctf.net)... 99.84.248.96, 99.84.248.26, 99.84.248.60, ...
Connecting to artifacts.picoctf.net (artifacts.picoctf.net)|99.84.248.96|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 270 [application/octet-stream]
Saving to: 'runme.py'
runme.py 100%[================================================================================================>] 270 --.-KB/s in 0s
2022-01-12 20:51:52 (57.2 MB/s) - 'runme.py' saved [270/270]
oste-picoctf@webshell:~$ ls -la
total 24
drwxr-xr-x 2 oste-picoctf oste-picoctf 91 Jan 12 20:51 .
drwxr-xr-x 3 root root 26 Jan 10 22:39 ..
-rw-r--r-- 1 oste-picoctf oste-picoctf 220 Jan 10 22:39 .bash_logout
-rw-r--r-- 1 oste-picoctf oste-picoctf 3771 Jan 10 22:39 .bashrc
-rw-r--r-- 1 oste-picoctf oste-picoctf 807 Jan 10 22:39 .profile
-rw-r--r-- 1 root root 5144 Jan 12 20:51 README.txt
-rw-rw-r-- 1 oste-picoctf oste-picoctf 270 Jan 4 23:47 runme.py
oste-picoctf@webshell:~$ python3 runme.py
picoCTF{run_s4n1ty_run}
ANS: picoCTF{run_s4n1ty_run}
Connect to a remote computer using nc and get the flag.
$ nc saturn.picoctf.net 57688_
SOLUTION
oste-picoctf@webshell:~$ nc saturn.picoctf.net 57688
picoCTF{s4n1ty_c4t}
ANS: picoCTF{s4n1ty_c4t}
Run the Python script and convert the given number from decimal to binary to get the flag. Download Python script
SOLUTION
oste-picoctf@webshell:~$ cat convertme.py
import random
def str_xor(secret, key):
#extend key to secret length
new_key = key
i = 0
while len(new_key) < len(secret):
new_key = new_key + key[i]
i = (i + 1) % len(key)
return "".join([chr(ord(secret_c) ^ ord(new_key_c)) for (secret_c,new_key_c) in zip(secret,new_key)])
flag_enc = chr(0x15) + chr(0x07) + chr(0x08) + chr(0x06) + chr(0x27) + chr(0x21) + chr(0x23) + chr(0x15) + chr(0x5f) + chr(0x05) + chr(0x08) + chr(0x2a) + chr(0x1c) + chr(0x5e) + chr(0x1e) + chr(0x1b) + chr(0x3b) + chr(0x17) + chr(0x51) + chr(0x5b) + chr(0x58) + chr(0x5c) + chr(0x3b) + chr(0x10) + chr(0x57) + chr(0x0f) + chr(0x5e) + chr(0x51) + chr(0x5c) + chr(0x46) + chr(0x53) + chr(0x13)
num = random.choice(range(10,101))
print('If ' + str(num) + ' is in decimal base, what is it in binary base?')
ans = input('Answer: ')
try:
ans_num = int(ans, base=2)
if ans_num == num:
flag = str_xor(flag_enc, 'enkidu')
print('That is correct! Here\'s your flag: ' + flag)
else:
print(str(ans_num) + ' and ' + str(num) + ' are not equal.')
except ValueError:
print('That isn\'t a binary number. Binary numbers contain only 1\'s and 0\'s')
If you run the script, you'll be given a random number to convert. In this case, i used CyberChef as shown in the screenshot below. After supplying the binary base, we get the flag
oste-picoctf@webshell:~$ python3 convertme.py
If 96 is in decimal base, what is it in binary base?
Answer: 01100000
That is correct! Here's your flag: picoCTF{4ll_y0ur_b4535_e2a58836}
ANS: picoCTF{4ll_y0ur_b4535_e2a58836}
Run the Python script code.py in the same directory as codebook.txt.
- Download code.py
- Download codebook.txt
oste-picoctf@webshell:~$ mkdir codebook && cd codebook
oste-picoctf@webshell:~/codebook$ wget https://artifacts.picoctf.net/c/103/code.py
--2022-01-12 21:50:32-- https://artifacts.picoctf.net/c/103/code.py
Resolving artifacts.picoctf.net (artifacts.picoctf.net)... 99.84.248.38, 99.84.248.96, 99.84.248.26, ...
Connecting to artifacts.picoctf.net (artifacts.picoctf.net)|99.84.248.38|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 1278 (1.2K) [application/octet-stream]
Saving to: 'code.py'
code.py 100%[================================================================================================>] 1.25K --.-KB/s in 0s
2022-01-12 21:50:32 (238 MB/s) - 'code.py' saved [1278/1278]
oste-picoctf@webshell:~/codebook$ wget https://artifacts.picoctf.net/c/103/codebook.txt
--2022-01-12 21:50:47-- https://artifacts.picoctf.net/c/103/codebook.txt
Resolving artifacts.picoctf.net (artifacts.picoctf.net)... 99.84.248.26, 99.84.248.60, 99.84.248.38, ...
Connecting to artifacts.picoctf.net (artifacts.picoctf.net)|99.84.248.26|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 27 [application/octet-stream]
Saving to: 'codebook.txt'
codebook.txt 100%[================================================================================================>] 27 --.-KB/s in 0s
2022-01-12 21:50:48 (5.17 MB/s) - 'codebook.txt' saved [27/27]
oste-picoctf@webshell:~/codebook$ ls -la
total 8
drwxrwxr-x 2 oste-picoctf oste-picoctf 41 Jan 12 21:50 .
drwxr-xr-x 3 oste-picoctf oste-picoctf 132 Jan 12 21:50 ..
-rw-rw-r-- 1 oste-picoctf oste-picoctf 1278 Jan 4 23:48 code.py
-rw-rw-r-- 1 oste-picoctf oste-picoctf 27 Jan 4 23:48 codebook.txt
oste-picoctf@webshell:~/codebook$ python3 code.py
picoCTF{c0d3b00k_455157_8100c7c1}
oste-picoctf@webshell:~/codebook$
ANS: picoCTF{c0d3b00k_455157_8100c7c1}
Can you crack the password to get the flag? Download the password checker here and you'll need the encrypted flag in the same directory too.
If you want to hash with the best, beat this test!
nc saturn.picoctf.net 65352
oste-picoctf@webshell:~$ nc saturn.picoctf.net 65352
Please md5 hash the text between quotes, excluding the quotes: 'cold pizza'
Answer:
da910b97223f1dc73b65038d744b5e3c
da910b97223f1dc73b65038d744b5e3c
Correct.
Please md5 hash the text between quotes, excluding the quotes: 'gym teachers'
Answer:
6a8404f911c6543cada93a75dd30a57d
6a8404f911c6543cada93a75dd30a57d
Correct.
Please md5 hash the text between quotes, excluding the quotes: 'a honeymoon'
Answer:
6552e3784f898159d5c06d7c7fedd918
6552e3784f898159d5c06d7c7fedd918
Correct.
picoCTF{4ppl1c4710n_r3c31v3d_674c1de2}
ANS: picoCTF{4ppl1c4710n_r3c31v3d_674c1de2}
Find the flag in the Python script! Download Python script
oste-picoctf@webshell:~/serpentine$ python3 serpentine.py
Y
.-^-.
/ \ .- ~ ~ -.
() () / _ _ `. _ _ _
\_ _/ / / \ \ . ~ _ _ ~ .
| | / / \ \ .' .~ ~-. `.
| | / / ) ) / / `.`.
\ \_ _/ / / / / / `'
\_ _ _.' / / ( (
/ / \ \
/ / \ \
/ / ) )
( ( / /
`. `. .' /
`. ~ - - - - ~ .'
~ . _ _ _ _ . ~
Welcome to the serpentine encourager!
a) Print encouragement
b) Print flag
c) Quit
What would you like to do? (a/b/c) a
-----------------------------------------------------
Look how far you've come!
-----------------------------------------------------
a) Print encouragement
b) Print flag
c) Quit
What would you like to do? (a/b/c) b
Oops! I must have misplaced the print_flag function! Check my source code!
a) Print encouragement
b) Print flag
c) Quit
What would you like to do? (a/b/c) c
oste-picoctf@webshell:~/serpentine$ nano serpentine.py
a) Print encouragement
b) Print flag
c) Quit
What would you like to do? (a/b/c) b
picoCTF{7h3_r04d_l355_7r4v3l3d_8e47d128}
ANS: picoCTF{7h3_r04d_l355_7r4v3l3d_8e47d128}
Fix the syntax error in this Python script to print the flag.
picoCTF{1nd3nt1ty_cr1515_09ee727a}