picoCTF2019 writeup
Points: 1
There appear to be some mysterious glyphs hidden inside this abandoned factory… I wonder what would happen if you collected them all?
Submit your answer in our competition’s flag format. For example, if you answer was ‘hello’, you would submit ‘picoCTF{hello}’ as the flag
Play the unity game on the picoCTF website, every location got a glyph, get all 6 to solve it. | Challenges | Solve | Glyph Obtained | |:——————————————-|:———–|:——-| | Reverse Engineering | 2413 | Yes | | Forensics | Top right in the river | Yes | | Cryptography | 5th from top, 5 to the right | Yes | | Binary Exploit | R,B,R,B,R,B until yellow door | Yes | | General Skills | Right infront | Yes | | Web Exploit | Btm right, bottom wall has teleporter to top left | Yes |
Scan QR get password password: xmfv53uqkf621gakvh502gxfu1g78glds
Go to starting computer, type in password and view message log. Theres a short funny message that comes out which tells you the secret.
picoCTF{zerozerozerozero}
Points: 50
Can you convert the number 42 (base 10) to binary (base 2)?
Submit your answer in our competition’s flag format. For example, if you answer was ‘11111’, you would submit ‘picoCTF{11111}’ as the flag.
Use any dec to bin calculator
picoCTF{101010}
Points: 50
If I told you a word started with 0x70 in hexadecimal, what would it start with in ASCII?
Submit your answer in our competition’s flag format. For example, if you answer was ‘hello’, you would submit ‘picoCTF{hello}’ as the flag.
Use online table to reference 0x70 to ascii.
picoCTF{p}
Points: 50
What is 0x3D (base 16) in decimal (base 10).
Submit your answer in our competition’s flag format. For example, if you answer was ‘22’, you would submit ‘picoCTF{22}’ as the flag.
Use any hexa to dec calculator.
picoCTF{61}
Points: 100
What does this bDNhcm5fdGgzX3IwcDM1 mean? I think it has something to do with bases.
Submit your answer in our competition’s flag format. For example, if you answer was ‘hello’, you would submit ‘picoCTF{hello}’ as the flag.
Decode ‘bDNhcm5fdGgzX3IwcDM1’ from Base64 format
picoCTF{l3arn_th3_r0p35}
Points: 100
Can you find the flag in file? This would be really tedious to look through manually, something tells me there is a better way. You can also find the file in /problems/first-grep_1_6788154ca7ee937f569985ff397203b6 on the shell server.
grep tutorial
grep "picoCTF" file
to get the flag.picoCTF{grep_is_good_to_find_things_205b65d7}
Points: 100
We put together a bunch of resources to help you out on our website! If you go over there, you might even find a flag! https://picoctf.com/resources (link)
picoCTF{r3source_pag3_f1ag}
Points: 100
Can you find the flag in file without running it? You can also find the file in /problems/strings-it_3_d2b2eb25dc5e3f3625810131832de295 on the shell server.
strings
cmd and grep
cmd on the file downloadedpicoCTF{r3source_pag3_f1ag}
Points: 100
Using netcat (nc) is going to be pretty important. Can you connect to 2019shell1.picoctf.com at port 32225 to get the flag?
nc tutorial
nc 2019shell1.picoctf.com 32225
to get the flagpicoCTF{nEtCat_Mast3ry_b1d25ece}
Points: 200
To get truly 1337, you must understand different data encodings, such as hexadecimal or binary. Can you get the flag from this program to prove you are on the way to becoming 1337? Connect with
nc 2019shell1.picoctf.com 25180
.
I hear python can convert things. It might help to have multiple windows open
nc 2019shell1.picoctf.com 25180
picoCTF{learning_about_converting_values_d57e7f86}
Points: 200
Can you find the flag in /problems/first-grep–part-ii_0_b68f6a4e9cb3a7aad4090dea9dd80ce1/files on the shell server? Remember to use grep.
grep tutorial
grep -r "picoCTF" .
to get the flagpicoCTF{grep_r_to_find_this_e4fa3ba7}
Points: 200
Sometimes you need to handle process data outside of a file. Can you find a way to keep the output from this program and search for the flag? Connect to 2019shell1.picoctf.com 9525.
Remember the flag format is picoCTF{XXXX} What’s a pipe? No not that kind of pipe… This kind
nc 2019shell1.picoctf.com 9525 > out.txt
and grep
cmd to get the flagpicoCTF{digital_plumb3r_dd86d037}
Points: 200
Can you spot the difference? kitters cattos. They are also available at /problems/whats-the-difference_0_00862749a2aeb45993f36cc9cf98a47a on the shell server
How do you find the difference between two files? Dumping the data from a hex editor may make it easier to compare.
HexViewer Plugin Plugin Here
Compare Side-By-Side Plugin Here
- Jump to next:
Alt+N
, Jump to previous:Alt+P
Run both file in sublime text and convert them with the `HexViewer` plugin.
After Hex is obtain run 'Compare Side-By-Side' plugin in sublime text.
The comparing process might take some time.
picoCTF{th3yr3_a5_d1ff3r3nt_4s_bu773r_4nd_j311y_aslkjfdsalkfslkflkjdsfdszmz10548}
Points: 200
I’ve used a super secret mind trick to hide this file. Maybe something lies in /problems/where-is-the-file_2_f1aa319cafd4b55ee4a60c1ba65255e2.
What command can see/read files? What’s in the manual page of ls?
ls -la
to get the hidden filepicoCTF{w3ll_that_d1dnt_w0RK_30444bc6}
Points: 300
There’s a flag shop selling stuff, can you buy a flag? Source. Connect with nc 2019shell1.picoctf.com 29250.
Two’s compliment can do some weird things when numbers get really big!
Analyze the code given to find out what it does. Basically is a shop that allows you to buy flag. There is a flaw in the system when you buy a flag.
account_balance = account_balance - total_cost;
In twos complement system, the MSB is the negative bit. Therefore just make the total_cost large enough until it becomes negative so that it adds to your account balance.
2
...
1
...
These knockoff Flags cost 900 each, enter desired quantity
2147468647
The final cost is: -13500900
Your current balance after transaction: 13502000
And based on the code found in 2., your account balance will be added and you will be rich enough to purchase the 1337 flag.
picoCTF{m0n3y_bag5_783740a8}
Points: 300
I wrote you a song Put it in the picoCTF{} flag format
Do you think you can master rockstar?
picoCTF{rrrocknrn0113r}